Lucene search
K

64 matches found

Rockylinux
Rockylinux
added 6 days ago7 views

php:7.4 security update

An update is available for module.libzip, php-pear, php-pecl-xdebug, libzip, php, module.php-pecl-xdebug, php-pecl-rrd, module.php, module.php-pecl-apcu, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu. This update affects Rocky Linux 8. A Common Vulnerabili...

9.8CVSS7.2AI score0.0078EPSS
Exploits1
RedHat Linux
RedHat Linux
added last week4 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week5 views

PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling

A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...

9.8CVSS7.2AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 11:12 a.m.5 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 11:12 a.m.4 views

PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling

A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...

9.8CVSS7.2AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 11:12 a.m.5 views

Important: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2026/06/04 4:15 p.m.10 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 3:37 a.m.16 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 3:18 a.m.23 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

Amazon Linux 2023 : php8.5, php8.5-bcmath, php8.5-cli (ALAS2023-2026-1733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1733 advisory. uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer...

9.8CVSS6.4AI score0.0078EPSS
Exploits1References24
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15, and 8.0.x below 8.0.2, when using the SOAP extension to connect to a SOAP server, a malicious SOAP server may return malformed XML data as a response. This could cause PHP to access a null pointer, resulting in a crash...

7.5CVSS7AI score0.03179EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 7:30 p.m.10 views

CVE-2026-7262

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.7AI score0.0078EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 8:25 a.m.6 views

CLSA-2026-1779179106 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.0078EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 8:20 a.m.9 views

CLSA-2026-1779178796 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.0078EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.10 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021474 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 8:56 a.m.6 views

BIT-PHP-MIN-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References12
OSV
OSV
added 2026/05/12 8:56 a.m.7 views

BIT-PHP-MIN-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 8:56 a.m.9 views

BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References12
OSV
OSV
added 2026/05/12 8:56 a.m.8 views

BIT-PHP-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 8:50 a.m.12 views

BIT-LIBPHP-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References2
Rows per page
Query Builder