Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : PHP vulnerabilities (USN-7953-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7953-1 advisory. It was discovered that PHP incorrectly handled memory while reading images in multi-chunk mode. An...

SUSE SLES15 Security Update : php8 (SUSE-SU-2026:0086-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0086-1 advisory. Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading imag...

Security update for php8

This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...

CVE-2025-12967

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS users. We recommend customers...

The vulnerability of the implementation of the “java.sql.ResultRow.refreshRow()” method in the JDBC driver (PgJDBC) allows a hacker to execute arbitrary code.

The vulnerability of the “java.sql.ResultRow.refreshRow” method implementation in the JDBC driver PgJDBC is related to the lack of security measures for handling SQL queries. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted SQL query remote...