
104 matches found

OSV
added 2026/05/22 1:8 p.m. | 9 views

CLSA-2025-1754342894 php: Fix of CVE-2025-6491

CVE-2025-6491: fix buffer overflow vulnerability...

5.9 CVSS | 7.1 AI score | 0.00944 EPSS
Exploits 1 | References 1
Circl
added 2026/04/17 7:5 p.m. | 7 views

CVE-2026-6491

creationtimestamp | type | source
---|---|---
2026-04-17 19:05:24+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjpmksr5uf2d...

5.3 CVSS | 5.7 AI score | 0.0016 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/04/17 4:14 p.m. | 4 views

CVE-2026-6491

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3 CVSS | 5.3 AI score | 0.0016 EPSS
Exploits 0 | References 2
OSV
added 2026/04/17 2:16 p.m. | 5 views

DEBIAN-CVE-2026-6491

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

4.8 CVSS | 5.3 AI score | 0.0016 EPSS
Exploits 0 | References 1
NVD
added 2026/04/17 2:16 p.m. | 6 views

CVE-2026-6491

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3 CVSS | 0.0016 EPSS
Exploits 0 | References 7
OSV
added 2026/04/17 2:16 p.m. | 6 views

UBUNTU-CVE-2026-6491

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3 CVSS | 5.8 AI score | 0.0016 EPSS
Exploits 0 | References 3
CVE
added 2026/04/17 1:45 p.m. | 14 views

CVE-2026-6491

Affected software and component: libvips (up to 8.18.2), specifically the nip2 Handler’s function im_minpos_vec in libvips/deprecated/vips7compat.c. Root cause / vulnerability: manipulation of the argument n leads to a heap-based buffer overflow. Impact (as stated): local attack feasibility with ...

5.3 CVSS | 5.9 AI score | 0.0016 EPSS
Exploits 0 | References 7
Tenable Nessus
added 2026/04/17 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-6491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat....

5.3 CVSS | 5.5 AI score | 0.0016 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/02/02 12:0 a.m. | 6 views

AlmaLinux 8 : php:8.2 (ALSA-2026:1412)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1412 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

8.2 CVSS | 5.8 AI score | 0.00953 EPSS
Exploits 6 | References 8
Tenable Nessus
added 2026/01/28 12:0 a.m. | 7 views

RockyLinux 9 : php:8.2 (RLSA-2026:1409)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1409 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

8.2 CVSS | 7 AI score | 0.00953 EPSS
Exploits 6 | References 13
OSV
added 2025/10/09 1:43 p.m. | 4 views

CLSA-2025-1760017411 Fix CVE(s): CVE-2025-6491

SECURITY UPDATE: fix NULL pointer dereference in SOAP with huge QName - debian/patches/CVE-2025-6491.patch: Add safeguard in ext/soap/soap.c to handle invalid XML node names produced by libxml2 with extremely large namespace prefixes - CVE-2025-6491...

5.9 CVSS | 7 AI score | 0.00944 EPSS
Exploits 1 | References 1
Ubuntu
added 2025/09/04 7:44 a.m. | 9 views

USN-7648-3: PHP regression

USN-7648-2 fixed vulnerabilities in PHP. The patch for CVE-2025-1735 caused a regression in php7.0, php7.2 and php7.4. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null...

7.5 CVSS | 6.8 AI score | 0.00953 EPSS
Exploits 0 | References 1
CBLMariner
added 2025/09/03 8:41 p.m. | 3 views

CVE-2025-6491 affecting package php for versions less than 8.3.23-1

CVE-2025-6491 affecting package php for versions less than 8.3.23-1. A patched version of the package is available...

5.9 CVSS | 6.9 AI score | 0.00944 EPSS
Exploits 1
Tenable Nessus
added 2025/08/18 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-6491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions: 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large 2Gb XML...

5.9 CVSS | 7.2 AI score | 0.00944 EPSS
Exploits 1 | References 3
Amazon
added 2025/08/08 12:0 a.m. | 5 views

Medium: php8.2

Issue Overview: fsockopen doesn't regard hostname as well, hostname is terminated at the null byte. This can cause Server Side Request Forgery in general case. CVE-2025-1220 Missing error checking could result in SQL injection and missing error handling could lead to crashes due to null pointer...

7.5 CVSS | 7.7 AI score | 0.00953 EPSS
Exploits 2
CBLMariner
added 2025/08/07 3:7 p.m. | 2 views

CVE-2025-6491 affecting package php for versions less than 8.1.33-1

CVE-2025-6491 affecting package php for versions less than 8.1.33-1. An upgraded version of the package is available that resolves this issue...

5.9 CVSS | 9.6 AI score | 0.00944 EPSS
Exploits 1
Tenable Nessus
added 2025/08/07 12:0 a.m. | 5 views

CBL Mariner 2.0 Security Update: php (CVE-2025-6491)

The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6491 advisory. - In PHP versions: 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML...

5.9 CVSS | 8.1 AI score | 0.00944 EPSS
Exploits 1 | References 2
OSV
added 2025/08/05 8:6 a.m. | 4 views

CLSA-2025-1754381195 php: Fix of CVE-2025-6491

CVE-2025-6491: fix buffer overflow vulnerability...

5.9 CVSS | 7.3 AI score | 0.00944 EPSS
Exploits 1 | References 1
OpenVAS
added 2025/07/28 12:0 a.m. | 9 views

openSUSE Security Advisory (SUSE-SU-2025:02474-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 9.7 AI score | 0.00953 EPSS
Exploits 2 | References 6
OpenVAS
added 2025/07/28 12:0 a.m. | 8 views

openSUSE Security Advisory (SUSE-SU-2025:02473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 9.7 AI score | 0.00953 EPSS
Exploits 2 | References 6