22 matches found

GithubExploit
added 2026/05/18 10:0 a.m. | 87 views

Exploit for Out-of-bounds Read in Php

CVE-2025-14177 — PHP getimagesize Heap Memory Leak Fo...

CVSS 7.5 | AI score 7.1 | EPSS 0.00474
Exploits: 3

GithubExploit
added 2026/04/29 3:58 a.m. | 119 views

Exploit for OS Command Injection in Php

PHP CVE Autopilot Fully automated detection and exploitat...

CVSS 9.8 | AI score 7.2 | EPSS 0.99987
Exploits: 67

Tenable Nessus
added 2026/02/02 12:0 a.m. | 6 views

MiracleLinux 9 : php:8.3 (AXSA:2026-122:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-122:01 advisory. php: heap-based buffer overflow in array_merge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk imag...

CVSS 8.2 | AI score 5.7 | EPSS 0.00573
Exploits: 4 | References: 4

Tenable Nessus
added 2026/02/02 12:0 a.m. | 6 views

AlmaLinux 8 : php:8.2 (ALSA-2026:1412)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1412 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

CVSS 8.2 | AI score 5.8 | EPSS 0.00953
Exploits: 6 | References: 8

Tenable Nessus
added 2026/01/28 12:0 a.m. | 7 views

RockyLinux 9 : php:8.2 (RLSA-2026:1409)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1409 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

CVSS 8.2 | AI score 7 | EPSS 0.00953
Exploits: 6 | References: 13

Tenable Nessus
added 2026/01/28 12:0 a.m. | 5 views

RockyLinux 9 : php:8.3 (RLSA-2026:1429)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1429 advisory. php: heap-based buffer overflow in array_merge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

CVSS 8.2 | AI score 6.1 | EPSS 0.00573
Exploits: 4 | References: 7

RedHat Linux
added 2026/01/27 7:37 p.m. | 9 views

Important: Red Hat Security Advisory: php:8.3 security update

An update for the php:8.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 8.2 | AI score 7.5 | EPSS 0.00573
Exploits: 4 | References: 4

Amazon
added 2026/01/22 12:0 a.m. | 7 views

Medium: php

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

CVSS 8.2 | AI score 5.6 | EPSS 0.00573
Exploits: 4

OSV
added 2026/01/09 2:6 p.m. | 4 views

OESA-2026-1021 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 8.2 | AI score 7.1 | EPSS 0.00474
Exploits: 3 | References: 3

OpenVAS
added 2026/01/09 12:0 a.m. | 3 views

openSUSE Security Advisory (SUSE-SU-2026:0071-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.2 | AI score 6.5 | EPSS 0.00573
Exploits: 4 | References: 6

OSV
added 2026/01/08 1:22 p.m. | 3 views

SUSE-SU-2026:0071-1 Security update for php8

This update for php8 fixes the following issues: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode (bsc#1255710). - CVE-2025-14178: heap buffer overflow occurs in array_merge when the total element...

CVSS 8.2 | AI score 7.3 | EPSS 0.00573
Exploits: 4 | References: 7

Tenable Nessus
added 2026/01/08 12:0 a.m. | 8 views

Amazon Linux 2023 : php8.4, php8.4-bcmath, php8.4-cli (ALAS2023-2025-1352)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1352 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-1417...

CVSS 8.2 | AI score 5.4 | EPSS 0.00573
Exploits: 4 | References: 8

Amazon
added 2026/01/07 12:0 a.m. | 6 views

Medium: php8.1

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

CVSS 8.2 | AI score 6.9 | EPSS 0.00573
Exploits: 4

Amazon
added 2026/01/07 12:0 a.m. | 7 views

Medium: php8.2

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

CVSS 8.2 | AI score 6.6 | EPSS 0.00573
Exploits: 4

Debian CVE
added 2025/12/27 7:33 p.m. | 5 views

CVE-2025-14177

In PHP versions: 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a...

CVSS 7.5 | AI score 7.5 | EPSS 0.00474
Exploits: 3

OpenVAS
added 2025/12/22 12:0 a.m. | 3 views

Mageia: Security Advisory (MGASA-2025-0330)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.2 | AI score 6.5 | EPSS 0.00573
Exploits: 4 | References: 4

Debian
added 2025/12/21 11:38 a.m. | 6 views

[SECURITY] [DSA 6088-1] php8.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6088-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 21, 2025 https://www.debian.org/security/faq -...

CVSS 8.2 | AI score 6.6 | EPSS 0.00573
Exploits: 4

Tenable Nessus
added 2025/12/21 12:0 a.m. | 4 views

Debian dsa-6088 : libapache2-mod-php8.4 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6088 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6088-1 [email protected] https://www.debian.org/securit...

CVSS 8.2 | AI score 5.5 | EPSS 0.00573
Exploits: 4 | References: 8

OpenVAS
added 2025/12/19 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-7e9290d67f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.2 | AI score 6.5 | EPSS 0.00573
Exploits: 4 | References: 23

Tenable Nessus
added 2025/12/18 12:0 a.m. | 60 views

PHP 8.3.x < 8.3.29 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.3.29. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.29 advisory. - Debian Linux - php7.4 - None php8.2 - None php8.4 - None Ubuntu Linux - Unknown description CVE-2025-14178, CVE-2025-14180 -...

CVSS 8.2 | AI score 5.5 | EPSS 0.00573
Exploits: 4 | References: 7