[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:34616
The host is missing a security update according to Apple advisory, APPLE-SA-2016-05-16-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:602573
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:36685
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:37430
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:602641
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.26, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:703293
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:36684
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703219
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:114238
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:1600834
Reflected XSS in .phar 404 pageAn issue was discovered in PHP; there is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. Denial of Service via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gd_gif_in.cThe gd_gif_in.c file in the GD Graphic ...

oval:org.secpod.oval:def:114209
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:38493
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:602487
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:1600383
The following security-related issues were resolved:Buffer over-write in finfo_open with malformed magic file Signedness vulnerability causing heap overflow in libgd Integer overflow in php_raw_url_encode Format string vulnerability in php_snmp_error Invalid memory write in phar on filename containi ...

oval:org.secpod.oval:def:38497
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:111382
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:111381
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:38492
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38494
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38495
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38496
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:1800488
CVE-2017-6362: Double-free in gdImagePngPtr. Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. Fixed In Version: libgd 2.2.5

oval:org.secpod.oval:def:603044
Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a spec ...

oval:org.secpod.oval:def:703764
libgd2: GD Graphics Library The system could be made to expose sensitive information.

oval:org.secpod.oval:def:1502143
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:113491
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:1800681
CVE-2017-6362: Double-free in gdImagePngPtr. Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. Fixed In Version: libgd 2.2.5

oval:org.secpod.oval:def:1501634
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:602769
Several issues have been discovered in PHP, a widely-used open source general-purpose scripting language. CVE-2016-10158 Loading a TIFF or JPEG malicious file can lead to a Denial-of-Service attack when the EXIF header is being parsed. CVE-2016-10159 Loading a malicious phar archive can cause an ext ...

oval:org.secpod.oval:def:41755
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703748
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:34617
The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to cause unspecified impact.

oval:org.secpod.oval:def:501893
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:502240
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function For more details about the security issue, including the impact, a CVSS score, and other related information, refer t ...

oval:org.secpod.oval:def:204128
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:204757
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function For more details about the security issue, including the impact, a CVSS score, and other related information, refer t ...

oval:org.secpod.oval:def:45546
php7.2: HTML-embedded scripting language interpreter - php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:704073
php7.2: HTML-embedded scripting language interpreter - php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:1600881
Null pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attackerAn issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP se ...

oval:org.secpod.oval:def:114459
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114334
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114335
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:44739
php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:114079
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114112
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:1600863
Stack-based buffer under-read in ext/standard/http_fopen_wrapper.c:php_stream_url_wrap_http_ex function when parsing HTTP response allows denial of serviceIn PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing ...

oval:org.secpod.oval:def:1600861
Stack-based buffer under-read in ext/standard/http_fopen_wrapper.c:php_stream_url_wrap_http_ex function when parsing HTTP response allows denial of service:In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsin ...

oval:org.secpod.oval:def:45901
The host is installed with Apple Mac OS X 10.13.4 and is prone to a stack buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle php version less than 7.1.16. Successful exploitation allows attackers to execute arbitrary code in the context of the affecte ...

oval:org.secpod.oval:def:704014
php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703979
php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:603231
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11142 Denial of service via overly long form variables CVE-2017-11143 Invalid free in wddx_deserialize CVE-2017-11144 Denial of service in openssl extension due to incorrect return value ...

oval:org.secpod.oval:def:1600913
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, and 7.1.x before 7.1.20, allows remote attackers to cause a denial of service via a crafted JPEG file.An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, and 7.1.x before 7.1.20. An Integer Ov ...

oval:org.secpod.oval:def:704318
php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:47530
php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:115059
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:704304
libgd2: GD Graphics Library Several security issues were fixed in GD.

oval:org.secpod.oval:def:704125
file: Tool to determine file types Several security issues were fixed in file.

oval:org.secpod.oval:def:603445
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 Buffer underread in parsing HTTP responses CVE-2018-10545 Dumpable FPM child processes allowed the bypass of opcache access controls CVE-2018-10546 Denial of service via infinite lo ...

oval:org.secpod.oval:def:1600916
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP 7.2.x before 7.2.8 allows remote attackers to cause a denial of service via a crafted JPEG file.exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free because it closes a stream that it ...

oval:org.secpod.oval:def:34860
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:602539
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.22, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

CVE    95
CVE-2017-11142
CVE-2016-10397
CVE-2016-1904
CVE-2016-3132
...
*CPE
cpe:/a:php:php:7.0.0

© SecPod Technologies