Lucene search
K

4 matches found

OSV
OSV
added 2025/08/11 1:53 p.m.5 views

BIT-LIBPHP-2022-31629 $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

6.5CVSS6.7AI score0.49336EPSS
Exploits2References15
OSV
OSV
added 2025/08/11 1:53 p.m.2 views

BIT-LIBPHP-2022-31628 phar wrapper can occur dos when using quine gzip file

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...

5.5CVSS7.4AI score0.00565EPSS
Exploits0References9
OSV
OSV
added 2022/09/28 11:15 p.m.3 views

DEBIAN-CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

6.5CVSS7.1AI score0.49336EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2008/01/11 12:37 p.m.19 views

PostgreSQL privilege escalation via dblink

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete...

7.2CVSS5.9AI score0.01573EPSS
Exploits0References4
Rows per page
Query Builder