Lucene search
K

1368 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.10 views

PHP 8.2.x < 8.2.32

The version of PHP installed on the remote host is prior to 8.2.32. It is, therefore, affected by a vulnerability as referenced in the Version 8.2.32 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEV...

5.6CVSS6AI score0.00306EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50251

Name of the Vulnerable Software and Affected Versions Trivy versions prior to 0.71.1 Description Trivy improperly trusts the org.opencontainers.image.title annotation in an OCI artifact manifest, using it as the destination filename when downloading content without proper validation or...

7.5CVSS5.9AI score0.00292EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-48912

The Aqara Developer Portal developer.aqara.com and shared test environments developer-test.aqara.com, aiot-test.aqara.com exhibit cross-origin request sharing, which is an instance of "CWE-942: Permissive Cross-domain Policy with Untrusted Domains," and has an estimated CVSS of...

8.2CVSS5.2AI score0.00215EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.17 views

RHEL 9 : php:8.2 (RHSA-2026:22143)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22143 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via...

8.8CVSS5.6AI score0.0078EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.14 views

CVE-2026-6914

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

7.5CVSS5.4AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2026/06/02 10:8 a.m.7 views

RHSA-2026:22305 Red Hat Security Advisory: php:8.2 security update

Bulletin has no description...

7.5CVSS5.7AI score0.0078EPSS
Exploits1References23
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Vim

Use After Free in the GitHub repository vim/vim before version 8.2...

8.4CVSS7.2AI score0.01395EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in PHP 8.1

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, and 8.3. before 8.3.12, when using PHP-FPM SAPI and the option catchworkersoutput is set to yes, it is possible to manipulate the log messages by removing up to 4 characters from the log messages. Additionally, if PHP-FPM is configured to us...

3.3CVSS6.7AI score0.00482EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 8.2...

7.8CVSS6.7AI score0.0145EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Use of out-of-range pointer offset in the GitHub repository vim/vim before version 8.2...

8.4CVSS7.2AI score0.01607EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...

7.8CVSS7.1AI score0.01473EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 8.2...

7.8CVSS7.1AI score0.013EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

Buffer over-reading in the GitHub repository vim/vim before version 8.2...

7.8CVSS7.1AI score0.01601EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 8.2...

7.8CVSS6.8AI score0.01521EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021473 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed i...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
CVE
CVE
added 2026/05/13 12:19 a.m.56 views

CVE-2026-8202

CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References1Affected Software1
MongoDB
MongoDB
added 2026/05/13 12:12 a.m.13 views

Use-After-Free in MongoDB FLE Query Analysis When Processing Positional Projections on Encrypted Fields

A use-after-free vulnerability exists in MongoDB's Field-Level Encryption FLE query analysis component, affecting client-side uses of mongocryptd and cryptshared. Triggering this vulnerability requires control over the structure of a client's FLE-related query. This issue impacts MongoDB Server’s...

8.8CVSS5.8AI score0.00129EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/12 8:56 a.m.8 views

BIT-PHP-MIN-2026-7258 Out-of-bounds read in urldecode() on NetBSD

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 8:56 a.m.22 views

BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References12
OSV
OSV
added 2026/05/12 8:50 a.m.8 views

BIT-LIBPHP-2026-7258 Out-of-bounds read in urldecode() on NetBSD

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References2
Rows per page
Query Builder