[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108684

 
 

909

 
 

85446

 
 

134

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:602539
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.22, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:602573
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:36685
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:36684
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703219
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:501893
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:114238
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:1600834
Reflected XSS in .phar 404 pageAn issue was discovered in PHP; there is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. Denial of Service via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gd_gif_in.cThe gd_gif_in.c file in the GD Graphic ...

oval:org.secpod.oval:def:114209
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:602769
Several issues have been discovered in PHP, a widely-used open source general-purpose scripting language. CVE-2016-10158 Loading a TIFF or JPEG malicious file can lead to a Denial-of-Service attack when the EXIF header is being parsed. CVE-2016-10159 Loading a malicious phar archive can cause an ext ...

oval:org.secpod.oval:def:38492
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38493
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38494
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38497
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:111382
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:111381
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:38495
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38496
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation may cause an unexpected application termination or arbit ...

oval:org.secpod.oval:def:38489
The host is missing a critical security update according to Apple advisory, APPLE-SA-2016-12-13-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:37430
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:602641
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.26, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:703293
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703979
php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:1800488
CVE-2017-6362: Double-free in gdImagePngPtr. Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. Fixed In Version: libgd 2.2.5

oval:org.secpod.oval:def:603044
Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map buffers before their use, which may result in information disclosure if a spec ...

oval:org.secpod.oval:def:502240
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function For more details about the security issue, including the impact, a CVSS score, and other related information, refer t ...

oval:org.secpod.oval:def:703764
libgd2: GD Graphics Library The system could be made to expose sensitive information.

oval:org.secpod.oval:def:1502143
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:113491
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ...

oval:org.secpod.oval:def:1800681
CVE-2017-6362: Double-free in gdImagePngPtr. Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. Fixed In Version: libgd 2.2.5

oval:org.secpod.oval:def:204757
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function For more details about the security issue, including the impact, a CVSS score, and other related information, refer t ...

oval:org.secpod.oval:def:1501634
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:204128
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * A flaw was found in the way certain error conditions were handled by bzread function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vuln ...

oval:org.secpod.oval:def:45546
php7.2: HTML-embedded scripting language interpreter - php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:704073
php7.2: HTML-embedded scripting language interpreter - php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:1600881
Null pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attackerAn issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP se ...

oval:org.secpod.oval:def:114459
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114334
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114335
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:44739
php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:114079
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:114112
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ...

oval:org.secpod.oval:def:1600863
Stack-based buffer under-read in ext/standard/http_fopen_wrapper.c:php_stream_url_wrap_http_ex function when parsing HTTP response allows denial of serviceIn PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing ...

oval:org.secpod.oval:def:1600861
Stack-based buffer under-read in ext/standard/http_fopen_wrapper.c:php_stream_url_wrap_http_ex function when parsing HTTP response allows denial of service:In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsin ...

oval:org.secpod.oval:def:45901
The host is installed with Apple Mac OS X 10.13.4 and is prone to a stack buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle php version less than 7.1.16. Successful exploitation allows attackers to execute arbitrary code in the context of the affecte ...

oval:org.secpod.oval:def:704014
php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:41755
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:703748
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:603231
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11142 Denial of service via overly long form variables CVE-2017-11143 Invalid free in wddx_deserialize CVE-2017-11144 Denial of service in openssl extension due to incorrect return value ...

oval:org.secpod.oval:def:704125
file: Tool to determine file types Several security issues were fixed in file.

oval:org.secpod.oval:def:34860
php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP.

oval:org.secpod.oval:def:34617
The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to cause unspecified impact.

oval:org.secpod.oval:def:34616
The host is missing a security update according to Apple advisory, APPLE-SA-2016-05-16-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow remote attackers to caus ...

oval:org.secpod.oval:def:602487
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:1600383
The following security-related issues were resolved:Buffer over-write in finfo_open with malformed magic file Signedness vulnerability causing heap overflow in libgd Integer overflow in php_raw_url_encode Format string vulnerability in php_snmp_error Invalid memory write in phar on filename containi ...

oval:org.secpod.oval:def:45898
The host is installed with Apple Mac OS 10.13.4, 10.12.6 or 10.11.6 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory or ...

CVE    88
CVE-2017-11142
CVE-2016-10397
CVE-2016-1904
CVE-2016-3132
...
*CPE
cpe:/a:php:php:7.0.1

© SecPod Technologies