Download
| Alert*
oval:org.secpod.oval:def:3300866
SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . oval:org.secpod.oval:def:89047905 This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fix ... oval:org.secpod.oval:def:3300882 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3300388 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:3000280 Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result in denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code. oval:org.secpod.oval:def:3300527 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:2107892 Oracle Solaris 11 - ( CVE-2022-31627 ) oval:org.secpod.oval:def:88543 php8.1: HTML-embedded scripting language interpreter - php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:4501162 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:3300568 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:507062 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:3300349 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:5800127 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:707151 php8.1: HTML-embedded scripting language interpreter - php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:2600033 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:85949 Charles Fol discovered two security issues in PHP, a widely-used open source general purpose scripting language which could result an denial of service or potentially the execution of arbitrary code: CVE-2022-31625 Incorrect memory handling in the pg_query_params function. CVE-2022-31626 A buffer ov ... oval:org.secpod.oval:def:89046732 This update for php7 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. . oval:org.secpod.oval:def:1701626 A vulnerability was found in PHP due to an uninitialized array in pg_query_params function. When using the Postgres database extension, supplying invalid parameters to the parameterized query may lead to PHP attempting to free memory, using uninitialized data as pointers. This flaw allows a remote a ... oval:org.secpod.oval:def:1505838 php [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:608690 Charles Fol discovered two security issues in PHP, a widely-used open source general purpose scripting language which could result an denial of service or potentially the execution of arbitrary code: CVE-2022-31625 Incorrect memory handling in the pg_query_params function. CVE-2022-31626 A buffer ov ... oval:org.secpod.oval:def:1505810 php [8.0.13-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:2500792 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:4501150 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:507074 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE * php: Local privilege escalation via PHP-FPM * php: special character breaks path in xml parsing * php: uninitialized ar ... oval:org.secpod.oval:def:507111 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:507059 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: password of excessive length triggers buffer overflow leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related informati ... oval:org.secpod.oval:def:122469 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:122466 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:89046424 This update for php7 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. . oval:org.secpod.oval:def:3300441 SUSE Security Update: Security update for php8 oval:org.secpod.oval:def:1505900 [8.0.13-2] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:87175 The host is installed with PHP versions below 7.4.30, 8.0.x below 8.0.20 or 8.1.x below 8.1.7 and is prone to a classic buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle issue in the phar uncompressor code. On successful exploitation, the phar uncomp ... oval:org.secpod.oval:def:1507098 Oracle Linux 8 php:8.0 security update |