Lucene search
K

31 matches found

OSV
OSV
added 2026/05/22 1:21 p.m.10 views

OESA-2026-2420 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS6.1AI score0.00337EPSS
Exploits1References5
OSV
OSV
added 2026/05/21 6:10 a.m.6 views

BELL-CVE-2025-14179

Bulletin has no description...

9.8CVSS5.7AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 7:58 a.m.4 views

SUSE-SU-2026:1958-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.16 views

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References31
OSV
OSV
added 2026/05/10 5:16 a.m.3 views

DEBIAN-CVE-2025-14179

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

9.8CVSS5.8AI score0.00298EPSS
Exploits0References1
Circl
Circl
added 2026/05/08 5:51 a.m.20 views

CVE-2025-14179

creationtimestamp| type| source ---|---|--- 2026-05-08 05:51:08+00:00| seen| https://bsky.app/profile/remirepo.net/post/3mlczxuq7ac2w 2026-05-08 08:02:13+00:00| seen| https://bsky.app/profile/slackers.it/post/3mldbcb5xiz22 2026-05-10 07:15:43+00:00| seen|...

9.8CVSS5.9AI score0.00298EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2025-14179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when...

9.8CVSS6AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.7 views

Debian dsa-6255 : libapache2-mod-php8.2 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6255 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6255-1 [email protected] https://www.debian.org/securit...

9.8CVSS6AI score0.0078EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.11 views

RHEL 10 : tomcat (RHSA-2025:14179)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14179 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat DoS...

7.5CVSS7.7AI score0.64718EPSS
Exploits1References14
GithubExploit
GithubExploit
added 2023/12/03 1:26 p.m.92 views

Exploit for CVE-2020-14179

CVE-2020-14179 Sensitive data exposure via /secure/QueryComp...

5.3CVSS7.1AI score0.76042EPSS
Exploits1
Hacker One
Hacker One
added 2023/01/04 3:20 p.m.86 views

U.S. Dept Of Defense: [U.S. Air Force] Information disclosure due unauthenticated access to APIs and system browser functions

Multiple information exposure vulnerabilities were found in a Jira Server instance, allowing unauthenticated attackers to access APIs and system browser functions, leading to unauthorized access to sensitive data. The vulnerability was registered as CVE-2020-14179...

5.3CVSS5.4AI score0.76042EPSS
Exploits1
CVE
CVE
added 2021/12/20 10:44 p.m.34 views

CVE-2019-14179

CVE-2019-14179 is rejected/not used and does not represent an active vulnerability entry.

7.3AI score
Exploits0
Atlassian
Atlassian
added 2021/11/29 3:22 p.m.79 views

Information Disclosure ever after CVE-2020-14179/JRASERVER-71536

h3. Issue Summary Unauthorized access to data from the following API even if the public.access.disabled is enabled. /rest/api/2/projectCategory /rest/api/2/resolution /rest/menu/latest/admin h3. Steps to Reproduce - Install Jira 8.13.9 with H2 database - Create a project and some Project categori...

5.3CVSS5.7AI score0.76042EPSS
Exploits1
Hacker One
Hacker One
added 2021/07/27 12:14 p.m.69 views

U.S. Dept Of Defense: Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint on ████████

Description: Hi, While going through the testing of DoD assets, I have came across a subdomain that is vulnerable to CVE-2020-14179. Some of the internal fields that are exposed are Project, Status, Limits, Creator, Query, Created Date, Updated Date, Resolution Date, etc. References...

5CVSS1.5AI score0.76042EPSS
Exploits1
Hacker One
Hacker One
added 2021/07/27 12:5 p.m.19 views

U.S. Dept Of Defense: Sensitive data exposure via /secure/███████ endpoint on ████████

The sensitive data exposure vulnerability in the /secure/███████ endpoint on ████████ was identified. The vulnerability allowed unauthenticated attackers to view custom field names and custom SLA names. The vulnerability was caused by CVE-2020-14179...

5.3CVSS5.1AI score0.76042EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.12 views

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2019:14179-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2019:14179-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

5.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2019:14179-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8AI score
Exploits0References3
Hacker One
Hacker One
added 2021/04/06 10:55 p.m.94 views

U.S. Dept Of Defense: Sensitive data exposure via https://███████/jira//secure/QueryComponent!Default.jspa - CVE-2020-14179

Description: Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. Impact...

5CVSS2.1AI score0.76042EPSS
Exploits1
Hacker One
Hacker One
added 2020/12/27 1:46 p.m.94 views

U.S. Dept Of Defense: Sensitive data exposure via https://███████/secure/QueryComponent!Default.jspa - CVE-2020-14179

Summary: Information Disclosure vulnerability in outdated Jira. Description: Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the...

5CVSS2.1AI score0.76042EPSS
Exploits1
Hacker One
Hacker One
added 2020/12/04 10:54 a.m.74 views

U.S. Dept Of Defense: Sensitive data exposure via https://███/secure/QueryComponent!Default.jspa - CVE-2020-14179

Summary: Information Disclosure vulnerability in outdated Jira. Description: Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the...

5CVSS2.1AI score0.76042EPSS
Exploits1
Rows per page
Query Builder