Lucene search
K

77 matches found

OSV
OSV
added 2026/07/02 10:17 a.m.2 views

RHSA-2026:34354 Red Hat Security Advisory: php:7.4 security update

Bulletin has no description...

7.7CVSS7.1AI score0.0078EPSS
Exploits1References34
Rockylinux
Rockylinux
added 2026/07/02 12:1 a.m.7 views

php:7.4 security update

An update is available for module.libzip, php-pear, php-pecl-xdebug, libzip, php, module.php-pecl-xdebug, php-pecl-rrd, module.php, module.php-pecl-apcu, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu. This update affects Rocky Linux 8. A Common Vulnerabili...

9.8CVSS7.2AI score0.0078EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/07/01 5:14 p.m.8 views

Important: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.4AI score0.0078EPSS
Exploits1References8
OSV
OSV
added 2026/06/27 1:20 p.m.2 views

MINI-JGQH-X95X-PHP7

Bulletin has no description...

10CVSS5.7AI score0.0044EPSS
Exploits0
NVD
NVD
added 2026/06/19 6:16 p.m.11 views

CVE-2026-49286

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...

8.1CVSS0.00555EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:3 p.m.5 views

CVE-2026-49286

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/19 5:3 p.m.18 views

CVE-2026-49286 PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...

8.1CVSS0.00555EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PHP 7.3, PHP 8.1

Due to an incomplete fix for CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p, network and same-site attackers can set an insecure cookie in the victim’s browser. This cookie is treated as a Host- or Secure-cookie by PHP applications...

6.5CVSS6.6AI score0.3786EPSS
Exploits0References2
Debian
Debian
added 2026/05/15 10:59 p.m.18 views

[SECURITY] [DLA 4586-1] php7.4 security update

Debian LTS Advisory DLA-4586-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 16, 2026 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u11 CVE ID : CVE-2026-6722 CVE-2026-6735 CVE-2026-7258 CVE-2026-7261 CVE-2026-7262 CVE-2026-7568 Debian...

9.8CVSS6.4AI score0.0078EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.9 views

Debian dla-4586 : libapache2-mod-php7.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4586 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4586-1 [email protected]...

9.8CVSS6.4AI score0.0078EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.15 views

PT-2026-39402

Name of the Vulnerable Software and Affected Versions Yii Framework versions prior to 2.0.55 Description Internal variables in the View::renderPhpFile and ErrorHandler::renderFile functions are not isolated, which can lead to parameter collisions that allow the overriding of included file paths...

7.4CVSS5.8AI score0.00442EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-7568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a...

7.5CVSS5.5AI score0.00455EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 10:18 a.m.6 views

RHSA-2026:4507 Red Hat Security Advisory: php:7.4 security update

Bulletin has no description...

6.5CVSS5.7AI score0.00428EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.10 views

TencentOS Server 3: php:7.4 (TSSA-2026:0172)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0172 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.7AI score0.02286EPSS
Exploits10References14
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.4 views

RHEL 8 : php:7.4 (RHSA-2026:4514)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4514 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...

8.2CVSS6.1AI score0.00428EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.4 views

RHEL 8 : php:7.4 (RHSA-2026:4517)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4517 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge...

8.2CVSS6.1AI score0.00428EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.7 views

Oracle Linux 8 : php:7.4 (ELSA-2026-2470)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2470 advisory. - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 - Fix Single byte overread with...

9.8CVSS8.2AI score0.02286EPSS
Exploits10References14
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.8 views

RockyLinux 8 : php:7.4 (RLSA-2026:2470)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2470 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-deco...

9.8CVSS7.9AI score0.02286EPSS
Exploits10References27
RedHat Linux
RedHat Linux
added 2026/02/10 8:28 p.m.10 views

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.2AI score0.02286EPSS
Exploits10References14
OpenVAS
OpenVAS
added 2026/01/26 12:0 a.m.7 views

Debian: Security Advisory (DLA-4447-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS5.9AI score0.00428EPSS
Exploits1References2
Rows per page
Query Builder