Lucene search
K

21 matches found

GithubExploit
GithubExploit
added 2026/04/29 3:58 a.m.119 views

Exploit for OS Command Injection in Php

PHP CVE Autopilot Fully automated detection and exploitat...

9.8CVSS7.2AI score0.99987EPSS
Exploits67
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

MiracleLinux 9 : php:8.3 (AXSA:2026-122:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-122:01 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk imag...

8.2CVSS5.7AI score0.00573EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

AlmaLinux 8 : php:8.2 (ALSA-2026:1412)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1412 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

8.2CVSS5.8AI score0.00953EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.7 views

RockyLinux 9 : php:8.2 (RLSA-2026:1409)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1409 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

8.2CVSS7AI score0.00953EPSS
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.5 views

RockyLinux 9 : php:8.3 (RLSA-2026:1429)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1429 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

8.2CVSS6.1AI score0.00573EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/01/27 7:37 p.m.9 views

Important: Red Hat Security Advisory: php:8.3 security update

An update for the php:8.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS7.5AI score0.00573EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2026/01/26 12:19 p.m.5 views

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS7.5AI score0.00573EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/01/26 10:37 a.m.5 views

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS7.5AI score0.00573EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2026/01/09 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2026:0071-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.5AI score0.00573EPSS
Exploits4References6
OSV
OSV
added 2026/01/08 1:22 p.m.3 views

SUSE-SU-2026:0071-1 Security update for php8

This update for php8 fixes the following issues: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. - CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element...

8.2CVSS7.3AI score0.00573EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.8 views

Amazon Linux 2023 : php8.4, php8.4-bcmath, php8.4-cli (ALAS2023-2025-1352)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1352 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...

8.2CVSS5.4AI score0.00573EPSS
Exploits4References8
Amazon
Amazon
added 2026/01/07 12:0 a.m.6 views

Medium: php8.1

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

8.2CVSS6.9AI score0.00573EPSS
Exploits4
Amazon
Amazon
added 2026/01/07 12:0 a.m.7 views

Medium: php8.2

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

8.2CVSS6.6AI score0.00573EPSS
Exploits4
UbuntuCve
UbuntuCve
added 2025/12/27 8:15 p.m.4 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS7.1AI score0.00573EPSS
Exploits2References4
Debian CVE
Debian CVE
added 2025/12/27 7:21 p.m.7 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS7.5AI score0.00573EPSS
Exploits2
AlpineLinux
AlpineLinux
added 2025/12/27 7:21 p.m.4 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS6.5AI score0.00573EPSS
Exploits2
OpenVAS
OpenVAS
added 2025/12/22 12:0 a.m.3 views

Mageia: Security Advisory (MGASA-2025-0330)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.5AI score0.00573EPSS
Exploits4References4
Debian
Debian
added 2025/12/21 11:38 a.m.6 views

[SECURITY] [DSA 6088-1] php8.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6088-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 21, 2025 https://www.debian.org/security/faq -...

8.2CVSS6.6AI score0.00573EPSS
Exploits4
OpenVAS
OpenVAS
added 2025/12/19 12:0 a.m.2 views

Fedora: Security Advisory (FEDORA-2025-7e9290d67f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.5AI score0.00573EPSS
Exploits4References23
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.60 views

PHP 8.3.x < 8.3.29 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.3.29. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.29 advisory. - Debian Linux - php7.4 - None php8.2 - None php8.4 - None Ubuntu Linux - Unknown description CVE-2025-14178, CVE-2025-14180 -...

8.2CVSS5.5AI score0.00573EPSS
Exploits4References7
Rows per page
Query Builder