CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13196 matches found

Redos•added 2026/01/29 12:0 a.m.•4 views

ROS-20260129-73-0038

A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.9CVSS6AI score0.00301EPSS

Exploits0

Tenable Nessus•added 2026/01/29 12:0 a.m.•6 views

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:20146-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20146-1 advisory. Version update to 8.4.16: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn...

8.2CVSS6.1AI score0.00573EPSS

Exploits4References11

OSV•added 2026/01/28 9:7 a.m.•6 views

RLSA-2026:1429 Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images CVE-2025-14177 php: PHP: Denial of Service...

7.5CVSS6.1AI score0.00573EPSS

Exploits4References4

Rockylinux•added 2026/01/28 9:7 a.m.•4 views

php:8.3 security update

An update is available for module.php-pecl-redis6, module.php, php-pecl-redis6, module.php-pecl-apcu, php-pecl-rrd, php-pecl-zip, php, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3. This update affects Rocky Linux 9. A Common Vulnerability...

8.2CVSS6.1AI score0.00573EPSS

Exploits4

Rockylinux•added 2026/01/28 9:7 a.m.•5 views

php:8.2 security update

An update is available for module.php, module.php-pecl-apcu, php-pecl-rrd, php-pecl-zip, php, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.2CVSS7AI score0.00953EPSS

Exploits6

OSV•added 2026/01/28 9:5 a.m.•5 views

RLSA-2026:1412 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...

7.5CVSS6.1AI score0.00953EPSS

Exploits6References7

Rockylinux•added 2026/01/28 9:5 a.m.•7 views

php:8.2 security update

An update is available for module.php, module.php-pear, module.php-pecl-apcu, php-pecl-rrd, module.php-pecl-xdebug3, php, php-pear, php-pecl-zip, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.libzip, libzip. This update affects Rocky Linux 8. A Common...

8.2CVSS6.1AI score0.00953EPSS

Exploits6

Tenable Nessus•added 2026/01/28 12:0 a.m.•5 views

openSUSE 16 Security Update : php8 (openSUSE-SU-2026:20113-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20113-1 advisory. Version update to 8.4.16: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when...

8.2CVSS6.1AI score0.00573EPSS

Exploits4References10

Tenable Nessus•added 2026/01/28 12:0 a.m.•4 views

RockyLinux 9 : php:8.3 (RLSA-2026:1429)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1429 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

8.2CVSS6.1AI score0.00573EPSS

Exploits4References7

RedHat Linux•added 2026/01/27 7:37 p.m.•2 views

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

8.2CVSS5.8AI score0.00573EPSS

Exploits2References5

RedHat Linux•added 2026/01/27 6:7 p.m.•5 views

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

8.2CVSS5.8AI score0.00573EPSS

Exploits2References5

RedHat Linux•added 2026/01/27 5:44 p.m.•1 views

php: pgsql extension does not check for errors during escaping

A flaw was found in PHP. Missing error checking could result in SQL injection, and missing error handling could lead to crashes due to null pointer dereferences...

7.5CVSS5.8AI score0.00953EPSS

Exploits0References5

RedHat Linux•added 2026/01/27 5:44 p.m.•4 views

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

8.2CVSS5.8AI score0.00573EPSS

Exploits2References5

OSV•added 2026/01/27 12:26 p.m.•6 views

CLSA-2026-1769516785 postgresql: Fix of CVE-2025-12817

CVE-2025-12817: fix missing CREATE privilege check on target schema in CREATE STATISTICS, preventing unauthorized statistics creation...

3.1CVSS5.8AI score0.00197EPSS

Exploits0References1

Tenable Nessus•added 2026/01/27 12:0 a.m.•5 views

RHEL 9 : php:8.3 (RHSA-2026:1429)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1429 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in...

8.2CVSS6.2AI score0.00573EPSS

Exploits4References8

OSV•added 2026/01/27 12:0 a.m.•4 views

ALSA-2026:1429 Important: php:8.3 security update

8.2CVSS5.7AI score0.00573EPSS

Exploits4References8