Ubuntu Security Notice 6525-1 - Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code.
eb66b00b1d47d9411c1e48b06db7fbf3770b8270dffc1fb3d733e39237b10423Ubuntu Security Notice 6524-1 - Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code.
216267c9b12cf55f9938b0da711b5f1427ec8e13108e03df548bdaf2e53dce85Red Hat Security Advisory 2023-2903-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.
14a0a9a8f5279ccadad2c5e3c17b877bba2ef4521d090aff2aef00472ba06ed5Red Hat Security Advisory 2023-2417-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.
6f47e62ad0a97a6168bb8cbdb23c454b713421317ea8a4adaead022a0b590fdcGentoo Linux Security Advisory 202305-2 - Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.
641b7206ae708be2456ced27dc11f8f77c8d01d6eb97ee4f516c3e6799b4e0adUbuntu Security Notice 5931-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.
33bbf9788230cbeb99c657b8e28943adea06a0071c8079fb8b2553765bcb5937Ubuntu Security Notice 5930-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.
3eea1d8c54397f96a37251d32922f85c73164c2faad23c5a4a9d2e29e9aef977Ubuntu Security Notice 5767-3 - USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
3dc497cd1ab19fc28ac4bd2bee894b67b6bef61851ee8c1945e255f133cd4e65This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.
e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1Red Hat Security Advisory 2023-0965-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.
21cc7adcd44f74a7b7d1f07e645c25db715969dc71fb46ce643d346bc354f014Red Hat Security Advisory 2023-0848-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.
d6a1d2c70e7aeefb58c3d6f8d3e365857d79e83f3ce23dcb4126b0c9c7790543Ubuntu Security Notice 5767-1 - Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash.
7c1e978b221fce1e3215a3c441af36781bffe05e45a13e452423ec7ff4141283Gentoo Linux Security Advisory 202211-3 - Multiple vulnerabilities have been found in PHP, the worst of which could result in arbitrary code execution. Versions less than 7.4.33:7.4 are affected.
9a1678e24b2e3feff0e005708de8cc73ed15cb45dc823e4705b0397f6d11473cDebian Linux Security Advisory 5277-1 - Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result an denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code.
40cb66a9c0c2167146b80561176a952e5901d8ea040e6b36e934347e7c5f4ac6Ubuntu Security Notice 5717-1 - It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.
5d9c5fa429c56df30e64215e02fbcce857d17b47d4d6b19014cc6d97a3a22070Debian Linux Security Advisory 5269-1 - Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language.
f752ef01084b627e09856d7a86d4d183b378e7a674828118e0fc6145e4675723Debian Linux Security Advisory 5267-1 - Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions.
d4090d5d01e608bb05f0321bed3147663eb2d627ff27188ec0ba8a82517bcbdd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed