CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.00123EPSS

Exploits0References5

RedHat Linux•added 4 days ago•8 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

7.5CVSS5.8AI score0.00123EPSS

Exploits0References5

RedHat Linux•added 4 days ago•13 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

7.5CVSS5.8AI score0.00123EPSS

Exploits0References5

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Amazon Linux 2023 : php8.5, php8.5-bcmath, php8.5-cli (ALAS2023-2026-1733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1733 advisory. uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer...

9.8CVSS6.4AI score0.00369EPSS

Exploits1References24

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в php7.3

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15, and 8.0.x below 8.0.2, when using the SOAP extension to connect to a SOAP server, a malicious SOAP server may return malformed XML data as a response. This could cause PHP to access a null pointer, resulting in a crash...

7.5CVSS6.8AI score0.00272EPSS

Exploits0References2

RedhatCVE•added 2026/05/19 7:30 p.m.•5 views

CVE-2026-7262

7.5CVSS5.7AI score0.00123EPSS

Exploits0References4

OSV•added 2026/05/19 8:25 a.m.•2 views

CLSA-2026-1779179106 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.00123EPSS

Exploits0References1

OSV•added 2026/05/19 8:20 a.m.•5 views

CLSA-2026-1779178796 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.00123EPSS

Exploits0References1

Tenable Nessus•added 2026/05/18 12:0 a.m.•6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021474 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process...

7.5CVSS5.8AI score0.00123EPSS

Exploits0References4

OSV•added 2026/05/12 8:56 a.m.•4 views

BIT-PHP-MIN-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.00123EPSS

Exploits0References2

OSV•added 2026/05/12 8:56 a.m.•3 views

BIT-PHP-MIN-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

9.8CVSS5.8AI score0.00073EPSS

Exploits0References2

OSV•added 2026/05/12 8:56 a.m.•6 views

BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

7.5CVSS5.8AI score0.00123EPSS

Exploits0References2

OSV•added 2026/05/12 8:56 a.m.•3 views

BIT-PHP-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

9.8CVSS5.8AI score0.00073EPSS

Exploits0References2

OSV•added 2026/05/12 8:50 a.m.•3 views

BIT-LIBPHP-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault

9.8CVSS5.8AI score0.00073EPSS

Exploits0References2

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40299

7.5CVSS5.8AI score0.00123EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-40284

7.5CVSS5.8AI score0.00123EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•5 views

PT-2026-40309

7.5CVSS5.8AI score0.00123EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-40283

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the...

9.8CVSS5.8AI score0.00073EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•7 views

PT-2026-40298

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the...

9.8CVSS5.8AI score0.00073EPSS

Exploits0References3

SUSE CVE•added 2026/05/11 2:17 p.m.•5 views

SUSE CVE-2026-7261

8.1CVSS5.8AI score0.00073EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by