Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Microsoft CVE
Microsoft CVEadded 2025/09/03 10:31 p.m.1 views

Reference counting in php_request_shutdown causes Use-After-Free

...

9.2CVSS7AI score0.00569EPSS
Exploits1
OSV
OSVadded 2025/08/11 1:54 p.m.2 views

BIT-LIBPHP-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free

In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the...

9.2CVSS8.1AI score0.00569EPSS
Exploits1References2
RedHat Linux
RedHat Linuxadded 2025/05/13 5:18 p.m.4 views

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

9.2CVSS6.4AI score0.00569EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2025/05/13 1:59 p.m.5 views

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

9.2CVSS6.4AI score0.00569EPSS
Exploits1References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:58 a.m.1 views

SUSE CVE-2010-2093

Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service crash via a stream context structure that is freed before destruction occurs...

5CVSS6.9AI score0.00417EPSS
Exploits1References5
Friends Of PHP
Friends Of PHPadded 2019/09/19 2:0 a.m.14 views

Circumvents open_basedir INI directive

ADVISORY: This release circumvents openbasedir in the requestinithook. If you rely on the openbasedir INI directive, we highly recommended you upgrade to 0.30.2. Fixed - Shutdown span flushing blocking the process when forked 493 - Memory access errors in cases when PHP code was run after extensi...

7.4AI score
Exploits0Affected Software1
securityvulns
securityvulnsadded 2007/03/17 12:0 a.m.69 views

MOPB-22-2007:PHP session_regenerate_id() Double Free Vulnerability

Summary The sessionregenerateid function that is used to generate a new session identifier fails to clear an already freed pointer to the former session identifier before calling the session identifier generator. When this generator triggers an error this can result in a double free that is easil...

0.4AI score
Exploits0
Rows per page
Query Builder