This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:php:php:5.4.4
Detail
VendorPhpFirst view 2012-07-20
ProductPhpLast view2019-03-08
Version5.4.4TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:php:php

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52019-03-08CVE-2019-9641NetworkLowNone Requ...
52019-03-08CVE-2019-9639NetworkLowNone Requ...
52019-03-08CVE-2019-9638NetworkLowNone Requ...
52019-03-08CVE-2019-9637NetworkLowNone Requ...
52019-02-22CVE-2019-9024NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52019-02-22CVE-2019-9023NetworkLowNone Requ...
7.52019-02-22CVE-2019-9021NetworkLowNone Requ...
7.52019-02-22CVE-2019-9020NetworkLowNone Requ...
52019-02-21CVE-2018-20783NetworkLowNone Requ...
6.82019-01-26CVE-2019-6977NetworkMediumNone Requ...
52018-12-07CVE-2018-19935NetworkLowNone Requ...
6.52018-11-25CVE-2018-19520NetworkLowRequires ...
52018-11-20CVE-2018-19396NetworkLowNone Requ...
52018-11-20CVE-2018-19395NetworkLowNone Requ...
4.32018-09-16CVE-2018-17082NetworkMediumNone Requ...
52018-08-07CVE-2018-15132NetworkLowNone Requ...
52018-08-03CVE-2018-14883NetworkLowNone Requ...
4.32018-08-02CVE-2018-14851NetworkMediumNone Requ...
6.82018-04-29CVE-2018-10549NetworkMediumNone Requ...
52018-04-29CVE-2018-10548NetworkLowNone Requ...
4.32018-04-29CVE-2018-10547NetworkMediumNone Requ...
52018-04-29CVE-2018-10546NetworkLowNone Requ...
1.92018-04-29CVE-2018-10545LocalMediumNone Requ...
7.52018-03-01CVE-2018-7584NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (47)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
14% (26)CWE-20Improper Input Validation
8% (15)CWE-125Out-of-bounds Read
7% (14)CWE-189Numeric Errors
6% (11)CWE-200Information Exposure
Hide | Show 20 More...
%idName
5% (10)CWE-416Use After Free
4% (9)CWE-476NULL Pointer Dereference
4% (9)CWE-190Integer Overflow or Wraparound
3% (6)CWE-787Out-of-bounds Write
2% (5)CWE-399Resource Management Errors
2% (5)CWE-264Permissions, Privileges, and Access Controls
2% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (3)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (3)CWE-19Data Handling
1% (2)CWE-502Deserialization of Untrusted Data
1% (2)CWE-284Access Control (Authorization) Issues
1% (2)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')
1% (2)CWE-59Improper Link Resolution Before File Access ('Link Following')
1% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1)CWE-754Improper Check for Unusual or Exceptional Conditions
0% (1)CWE-415Double Free
0% (1)CWE-254Security Features
0% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
0% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:29107HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:21114RHSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
oval:org.mitre.oval:def:18927USN-1937-1 -- php5 vulnerability
oval:org.mitre.oval:def:18760DSA-2742-1 php5 - interpretation conflict
oval:org.mitre.oval:def:23222ELSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:25611SUSE-SU-2014:0063-1 -- Security update for PHP5
oval:org.mitre.oval:def:25595SUSE-SU-2014:0064-1 -- Security update for PHP5
oval:org.mitre.oval:def:25081SUSE-SU-2014:0062-1 -- Security update for PHP5
oval:org.mitre.oval:def:26232SUSE-SU-2014:0873-1 -- Security update for PHP5
oval:org.mitre.oval:def:27044RHSA-2013:1615 -- php security, bug fix, and enhancement update (Moderate)
oval:org.mitre.oval:def:27442ELSA-2013-1615 -- php security, bug fix, and enhancement update (moderate)
oval:org.mitre.oval:def:27418DEPRECATED: ELSA-2013-1307 -- php53 security, bug fix and enhancement update ...
oval:org.mitre.oval:def:26428HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:18157DSA-2639-1 php5 - several vulnerabilities
oval:org.mitre.oval:def:18102USN-1761-1 -- php5 vulnerability
oval:org.mitre.oval:def:16819USN-1872-1 -- PHP vulnerability
oval:org.mitre.oval:def:29013HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:26455DSA-3021-1 file - security update
oval:org.mitre.oval:def:27096USN-2369-1 -- file vulnerability
oval:org.mitre.oval:def:27986DSA-3021-2 -- file regression update
oval:org.mitre.oval:def:24369USN-2126-1 -- php5 vulnerabilities
oval:org.mitre.oval:def:28064DSA-3008-2 -- php5 regression update
oval:org.mitre.oval:def:20983RHSA-2013:0514: php security, bug fix and enhancement update (Moderate)
oval:org.mitre.oval:def:24086ELSA-2013:0514: php security, bug fix and enhancement update (Moderate)
oval:org.mitre.oval:def:28245SUSE-SU-2014:1441-1 -- Security update for php53 (moderate)

ExploitDB Exploits

idDescription
30395PHP openssl_x509_parse() - Memory Corruption Vulnerability

OpenVAS Exploits

idDescription
2012-09-26Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22Name : Ubuntu Update for php5 USN-1569-1
File : nvt/gb_ubuntu_USN_1569_1.nasl
2012-09-10Name : Slackware Advisory SSA:2012-204-01 php
File : nvt/esoft_slk_ssa_2012_204_01.nasl
2012-08-30Name : Debian Security Advisory DSA 2527-1 (php5)
File : nvt/deb_2527_1.nasl
Hide | Show 7 More...
idDescription
2012-08-30Name : Fedora Update for maniadrive FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_maniadrive_fc17.nasl
2012-08-30Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-10Name : FreeBSD Ports: php5
File : nvt/freebsd_php518.nasl
2012-08-06Name : Fedora Update for maniadrive FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_maniadrive_fc16.nasl
2012-08-06Name : Fedora Update for php-eaccelerator FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_php-eaccelerator_fc16.nasl
2012-08-06Name : Fedora Update for php FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_php_fc16.nasl
2012-07-26Name : Mandriva Update for php MDVSA-2012:108 (php)
File : nvt/gb_mandriva_MDVSA_2012_108.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-B-0108Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0061365
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2014-B-0086Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0052897
2014-B-0021Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0044541
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
Hide | Show 2 More...
idDescription
2013-A-0179Apple Mac OS X Security Update 2013-004
Severity : Category I - VMSKEY : V0040373
2013-B-0093Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0040108

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-05-07PHP gdImageColorMatch heap buffer overflow file download attempt
RuleID : 49673 - Type : SERVER-OTHER - Revision : 1
2019-05-07PHP gdImageColorMatch heap buffer overflow file upload attempt
RuleID : 49672 - Type : SERVER-OTHER - Revision : 1
2018-12-11CVE PHP infinite loop from use of stream filter and convert.iconv file upload...
RuleID : 48354 - Type : SERVER-WEBAPP - Revision : 2
2018-06-26PHP .phar cross site scripting attempt
RuleID : 46808 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44749 - Type : SERVER-WEBAPP - Revision : 2
Hide | Show 20 More...
DateDescription
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44748 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44747 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44746 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44745 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44744 - Type : SERVER-WEBAPP - Revision : 2
2017-10-24PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-09-19PHP malformed quoted printable denial of service attempt
RuleID : 44001 - Type : SERVER-WEBAPP - Revision : 2
2017-08-23PHP core unserialize use after free attempt
RuleID : 43668 - Type : SERVER-WEBAPP - Revision : 2
2017-07-18Oniguruma expression parser out of bounds write attempt
RuleID : 43182 - Type : FILE-OTHER - Revision : 2
2017-07-18Oniguruma expression parser out of bounds write attempt
RuleID : 43181 - Type : FILE-OTHER - Revision : 2
2017-03-28PHP Exception Handling remote denial of service attempt
RuleID : 41690 - Type : SERVER-OTHER - Revision : 2
2017-03-28PHP Exception Handling remote denial of service attempt
RuleID : 41689 - Type : SERVER-OTHER - Revision : 2
2017-02-23PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41384 - Type : SERVER-WEBAPP - Revision : 2
2017-02-23PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41383 - Type : SERVER-WEBAPP - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40297 - Type : FILE-IMAGE - Revision : 3
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40296 - Type : FILE-IMAGE - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40295 - Type : FILE-IMAGE - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40294 - Type : FILE-IMAGE - Revision : 2
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40248 - Type : FILE-IMAGE - Revision : 3
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40247 - Type : FILE-IMAGE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-14Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2019-1147.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-ee6707d519.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-b6072889db.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-1aeac808ce.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-791c3cfe21.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-7ebfe1e6f2.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-dfe1f0bac6.nasl - Type : ACT_GATHER_INFO
2018-12-17Name : The remote Debian host is missing a security update.
File : debian_DLA-1608.nasl - Type : ACT_GATHER_INFO
2018-12-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4353.nasl - Type : ACT_GATHER_INFO
2018-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201812-01.nasl - Type : ACT_GATHER_INFO
2018-10-26Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1325.nasl - Type : ACT_GATHER_INFO
2018-10-19Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1090.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1309.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1310.nasl - Type : ACT_GATHER_INFO
2018-09-24Name : The remote Fedora host is missing a security update.
File : fedora_2018-25100b492c.nasl - Type : ACT_GATHER_INFO
2018-09-20Name : The remote Debian host is missing a security update.
File : debian_DLA-1509.nasl - Type : ACT_GATHER_INFO
2018-09-18Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1249.nasl - Type : ACT_GATHER_INFO
2018-09-04Name : The remote Debian host is missing a security update.
File : debian_DLA-1490.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1066.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1067.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0021.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0029.nasl - Type : ACT_GATHER_INFO
2018-08-10Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1224.nasl - Type : ACT_GATHER_INFO
2018-07-06Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4240.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1217.nasl - Type : ACT_GATHER_INFO