Download
| Alert*
|
oval:org.secpod.oval:def:1600402
A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT function ... oval:org.secpod.oval:def:52590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:89045425 This update of PHP5 brings several security fixes. Security fixes: * CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295] * CVE-2015-6836: A SOAP serialize_function_call type c ... oval:org.secpod.oval:def:702772 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:31479 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.1 and is prone to a denial of service vulnerability. A flaw is present in the PHP XSLTProcessor class, which fails to properly handle certain data. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:109512 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:602229 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to new upstream versions , which include additional bug fixes. Please refer to the upstream changelog for more information ... oval:org.secpod.oval:def:109508 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:31533 The host is missing a security update according to Apple advisory, APPLE-SA-2015-10-21-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE oval:org.secpod.oval:def:1200096 As reported upstream, A NULL pointer dereference flaw was found in the way PHP"s Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via Serializable::unserialize. Ho ... oval:org.secpod.oval:def:504897 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary c ... oval:org.secpod.oval:def:1200156 As reported upstream, A NULL pointer dereference flaw was found in the way PHP"s Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via Serializable::unserialize. Ho ... |
