exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

GHSA-2784-39w4-9568

около 3 лет назад

sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.

CVSS3: 9.1

EPSS: Низкий

CVE-2016-5114

почти 9 лет назад

CVSS3: 9.1

EPSS: Низкий

CVE-2016-5114

больше 9 лет назад

CVSS2: 5.8

EPSS: Низкий

CVE-2016-5114

почти 9 лет назад

CVSS3: 9.1

EPSS: Низкий

CVE-2016-5114

почти 9 лет назад

sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and ...

CVSS3: 9.1

EPSS: Низкий

BDU:2022-02545

почти 9 лет назад

Уязвимость компонента sapi/fpm/fpm/fpm_log.c интерпретатора языка программирования PHP, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании

CVSS3: 9.1

EPSS: Низкий

SUSE-SU-2016:1581-1

около 9 лет назад

Security update for php53

EPSS: Низкий

SUSE-SU-2016:1638-1

около 9 лет назад

Security update for php53

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-2784-39w4-9568 sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.	CVSS3: 9.1	1% Низкий	около 3 лет назад
CVE-2016-5114 sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.	CVSS3: 9.1	1% Низкий	почти 9 лет назад
CVE-2016-5114 sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.	CVSS2: 5.8	1% Низкий	больше 9 лет назад
CVE-2016-5114 sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging.	CVSS3: 9.1	1% Низкий	почти 9 лет назад
CVE-2016-5114 sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and ...	CVSS3: 9.1	1% Низкий	почти 9 лет назад
BDU:2022-02545 Уязвимость компонента sapi/fpm/fpm/fpm_log.c интерпретатора языка программирования PHP, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании	CVSS3: 9.1	1% Низкий	почти 9 лет назад
SUSE-SU-2016:1581-1 Security update for php53			около 9 лет назад
SUSE-SU-2016:1638-1 Security update for php53			около 9 лет назад

Уязвимостей на страницу