Download
| Alert*
oval:org.secpod.oval:def:705114
php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter PHP could be made to crash or execute arbitrary code if it received specially crafted image. oval:org.secpod.oval:def:66778 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Invalid memory access in function xmlrpc_decode * php: File rename across filesystems may allow unwanted access du ... oval:org.secpod.oval:def:1601055 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information d ... oval:org.secpod.oval:def:604537 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers function could result in information disclosure or denial of service. oval:org.secpod.oval:def:1601052 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information d ... oval:org.secpod.oval:def:604535 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers function could result in information disclosure or denial of service. oval:org.secpod.oval:def:89003087 This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm . - CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail . - CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment . oval:org.secpod.oval:def:116923 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:2500206 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:116921 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:59002 The host is installed with Apple MacOS X 10.13.6, 10.14.6 and before 10.13 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle multiple issues in PHP. Successful exploitation could allow attackers to cause a denial of servi ... oval:org.secpod.oval:def:2105112 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. oval:org.secpod.oval:def:58849 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers function could result in information disclosure or denial of service. oval:org.secpod.oval:def:1503030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69493 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Invalid memory access in function xmlrpc_decode * php: File rename across filesystems may allow unwanted access du ... oval:org.secpod.oval:def:1505314 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69759 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers function could result in information disclosure or denial of service. oval:org.secpod.oval:def:59478 The host is missing a critical security update according to Apple advisory, APPLE-SA-2019-10-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:504284 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:58365 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter PHP could be made to crash or execute arbitrary code if it received specially crafted image. oval:org.secpod.oval:def:2500164 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:76650 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information ... oval:org.secpod.oval:def:504902 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php . Security Fix: * php: underflow in env_path_info in fpm_main.c * gd: Unsigned integer underflow _gdContributionsAlloc * gd: He ... oval:org.secpod.oval:def:66572 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... oval:org.secpod.oval:def:59503 The host is missing a security update according to Apple advisory, APPLE-SA-2019-10-29-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code or ... oval:org.secpod.oval:def:65360 The host is missing a critical security update according to Apple advisory, APPLE-SA-2019-10-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . |