CVE-2026-7262 vulnerabilities

Vulnerabilities for packages: php...

CVE-2026-6735 vulnerabilities

Vulnerabilities for packages: php...

CVE-2026-7259 vulnerabilities

Vulnerabilities for packages: php...

CVE-2026-7258 vulnerabilities

Vulnerabilities for packages: php...

Linux Distros Unpatched Vulnerability : CVE-2026-6722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores...

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan RAT that's functional on Windows, macOS, and Linux systems. The names of the packages are listed below - nhattuanbl/lara-helper...

CVE-2024-41924

Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4 series. If this vulnerability is exploited, an attacker who obtained the administrative privilege may install an arbitrary PHP package. If the obsolete versions of PHP packages are installed, the product m...

CVE-2007-3205 vulnerabilities

Vulnerabilities for packages: php...

GHSA-9J84-7RQ9-W2FQ vulnerabilities

Vulnerabilities for packages: php...

GHSA-85QM-C7Q8-MXVH vulnerabilities

Vulnerabilities for packages: php...

Ubuntu: Security Advisory (USN-7648-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: php

Issue Overview: fsockopen doesn't regard hostname as well, hostname is terminated at the null byte. This can cause Server Side Request Forgery in general case. CVE-2025-1220 Missing error checking could result in SQL injection and missing error handling could lead to crashes due to null pointer...

SUSE SLES15 Security Update : php8 (SUSE-SU-2025:02463-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02463-1 advisory. - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for...

CVE-2017-6485 vulnerabilities

Vulnerabilities for packages: php...

CVE-2022-4455 vulnerabilities

Vulnerabilities for packages: php...

MGASA-2025-0203 Updated php packages fix security vulnerabilities

PGSQL: Fixed GHSA-hrwm-9436-5mv3 pgsql extension does not check for errors during escaping. CVE-2025-1735 SOAP: Fixed GHSA-453j-q27h-5p8x NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix. CVE-2025-6491 Standard: Fixed GHSA-3cr5-j632-f35r Null byte termination in...

Updated php packages fix security vulnerabilities

PGSQL: Fixed GHSA-hrwm-9436-5mv3 pgsql extension does not check for errors during escaping. CVE-2025-1735 SOAP: Fixed GHSA-453j-q27h-5p8x NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix. CVE-2025-6491 Standard: Fixed GHSA-3cr5-j632-f35r Null byte termination in...

Slackware: Security Advisory (SSA:2025-184-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 9 : php:8.3 (ALSA-2025:7418)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7418 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...

Oracle Linux 10 : php (ELSA-2025-7489)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7489 advisory. 8.3.19-1 - rebase to 8.3.19 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...