Lucene search
K

49 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-005380)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005380 advisory. In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient...

7.3CVSS6AI score0.00531EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/10 8:28 p.m.4 views

php: Stream HTTP wrapper header check might omit basic auth header

A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers...

7.3CVSS5.7AI score0.00531EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/11 12:0 p.m.115 views

php: Stream HTTP wrapper header check might omit basic auth header

A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers...

7.3CVSS5.7AI score0.00531EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-1736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient...

7.3CVSS6.5AI score0.00531EPSS
Exploits0References2
OSV
OSV
added 2025/07/31 5:11 p.m.9 views

CLSA-2025-1753981912 php: Fix of CVE-2025-1736

CVE-2025-1736: validate end-of-line characters in user-supplied headers to prevent headers from being misinterpreted...

7.3CVSS5.8AI score0.00531EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in PHP 8.2

In PHP versions starting from 8.1. up to 8.1.32, from 8.2. up to 8.2.28, from 8.3. up to 8.3.19, and from 8.4. up to 8.4.5, when user-supplied headers are sent, insufficient validation of line-end characters may prevent certain headers from being sent or may lead to misinterpretation of certain...

7.3CVSS6.5AI score0.00531EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 1:59 p.m.6 views

php: Stream HTTP wrapper header check might omit basic auth header

A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers...

7.3CVSS5.7AI score0.00531EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 1:59 p.m.37 views

php: Stream HTTP wrapper header check might omit basic auth header

A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers...

7.3CVSS5.7AI score0.00531EPSS
Exploits0References5
OSV
OSV
added 2025/04/14 11:39 a.m.9 views

BIT-PHP-MIN-2025-1736 Stream HTTP wrapper header check might omit basic auth header

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6AI score0.00531EPSS
Exploits0References4
OSV
OSV
added 2025/03/30 6:15 a.m.7 views

AZL-59331 CVE-2025-1736 affecting package php for versions less than 8.3.19-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6.7AI score0.00531EPSS
Exploits0References1
OSV
OSV
added 2025/03/30 6:15 a.m.8 views

AZL-59303 CVE-2025-1736 affecting package php for versions less than 8.1.32-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6.7AI score0.00531EPSS
Exploits0References1
OSV
OSV
added 2025/03/30 6:15 a.m.4 views

DEBIAN-CVE-2025-1736

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6.2AI score0.00531EPSS
Exploits0References1
OSV
OSV
added 2025/03/30 5:49 a.m.13 views

CVE-2025-1736 Stream HTTP wrapper header check might omit basic auth header

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

6.3CVSS6.7AI score0.00531EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/03/30 5:49 a.m.12 views

CVE-2025-1736

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6.3AI score0.00531EPSS
Exploits0
CNNVD
CNNVD
added 2025/03/30 12:0 a.m.4 views

PHP 安全漏洞

PHP is a scripting language in which PHP is executed server-side. A security vulnerability exists in PHP versions prior to 8.1.32, 8.2.28, 8.3.19, and 8.4.5, which stems from an insufficient validation of end-of-line characters when sending user-supplied headers may result in certain headers not...

7.3CVSS6.1AI score0.00531EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/03/16 2:48 a.m.2 views

SUSE CVE-2025-1736

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS7AI score0.00531EPSS
Exploits0References15
OSV
OSV
added 2025/03/14 12:0 a.m.1 views

UBUNTU-CVE-2025-1736

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

7.3CVSS6.7AI score0.00531EPSS
Exploits0References6
OSV
OSV
added 2025/01/17 10:44 p.m.7 views

CLSA-2025-1737153872 vim: Fix of CVE-2023-0433

CVE-2023-0433: check for not going over the end of the line to fix reading past the end of a line when formatting text...

7.8CVSS7.1AI score0.00555EPSS
Exploits1References1
Redos
Redos
added 2024/04/12 12:0 a.m.48 views

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

9.8CVSS8.6AI score0.87816EPSS
Exploits2
OSV
OSV
added 2023/02/02 9:34 p.m.7 views

CLSA-2023-1675373662 vim: Fix of CVE-2023-0433

CVE-2023-0433: check for not going over the end of the line...

7.8CVSS7.1AI score0.00555EPSS
Exploits1References1
Rows per page
Query Builder