Lucene search
+L

3907 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.11 views

F5 Networks BIG-IP : BIG-IP iControl SOAP vulnerability (K000160926)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160926 advisory. An authenticated attacker with the Resource Administrator or Administrator role can create SNMP...

8.7CVSS5.8AI score0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.8 views

F5 Networks BIG-IP : iControl SOAP vulnerability (K000160973)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160973 advisory. A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrato...

6.9CVSS5.8AI score0.0029EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.7 views

F5 Networks BIG-IP : iControl SOAP vulnerability (K000159021)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000159021 advisory. An authenticated iControl SOAP user may be able to obtain information of other accounts. CVE-2026-3506...

7.1CVSS5.8AI score0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.8 views

F5 Networks BIG-IP : BIG-IP iControl SOAP vulnerability (K000160979)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160979 advisory. An authenticated attacker with the Resource Administrator or Administrator role can modify configurati...

8.7CVSS5.8AI score0.00248EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/20 3:35 p.m.18 views

Improper Validation of Unsafe Equivalence in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the CXF-RS or CXF-SOAP endpoints due to missing inbound filtering via setInFilterStartsWith. An attacker can execute arbitrary code and write files by injecting Camel-internal header...

9.8CVSS6.2AI score0.01425EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15, and 8.0.x below 8.0.2, when using the SOAP extension to connect to a SOAP server, a malicious SOAP server may return malformed XML data as a response. This could cause PHP to access a null pointer, resulting in a crash...

7.5CVSS7AI score0.03179EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 7:30 p.m.10 views

CVE-2026-7262

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.7AI score0.0078EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 3:31 p.m.8 views

GHSA-8364-HFQJ-PWM6 Camel-CXF and Camel-Knative Message Header are Vulnerable to Injection via Missing Inbound Filtering

Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFilterStrategy in camel-cxf-transport, and KnativeHttpHeaderFilterStrategy in camel-knative-http only...

9.8CVSS6.5AI score0.01425EPSS
Exploits1References3
OSV
OSV
added 2026/05/19 3:21 p.m.9 views

CLSA-2026-1779204107 php: Fix of 6 CVEs

CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7262: fix broken Apache map value NULL check in soap encoder GHSA-hmxp-6pc4-f3vv - CVE-2026-7568: fix signed integer overflow of char array offset in metaphone GHSA-96wq-48vp-hh57 - CVE-2026-7261:...

9.8CVSS5.9AI score0.0078EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 3:15 p.m.14 views

CLSA-2026-1779203719 php: Fix of 6 CVEs

CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7262: fix broken Apache map value NULL check in soap encoder GHSA-hmxp-6pc4-f3vv - CVE-2026-7568: fix signed integer overflow of char array offset in metaphone GHSA-96wq-48vp-hh57 - CVE-2026-7261:...

9.8CVSS5.9AI score0.0078EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 8:25 a.m.8 views

CLSA-2026-1779179106 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.0078EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 8:20 a.m.10 views

CLSA-2026-1779178796 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

9.8CVSS5.8AI score0.0078EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

SUSE SLES15 Security Update : php8 (SUSE-SU-2026:1957-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1957-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.18 views

SUSE SLES15 Security Update : php8 (SUSE-SU-2026:1958-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1958-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References25
OSV
OSV
added 2026/05/18 5:38 p.m.25 views

CLSA-2026-1779125894 php: Fix of 7 CVEs

CVE-2026-7258: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7259: fix null pointer dereference in phpmbcheckencoding via mberegsearchinit GHSA-wm6j-2649-pv75 -...

9.8CVSS5.9AI score0.0078EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/05/18 7:58 a.m.8 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References32
SUSE Linux
SUSE Linux
added 2026/05/18 7:57 a.m.12 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References32
Packet Storm
Packet Storm
added 2026/05/18 12:0 a.m.70 views

📄 4D Server Server-Side Request Forgery / Arbitrary File Read

Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services. -----BEGIN PGP SIGNED...

8.7CVSS6AI score0.00447EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021483 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointer...

9.8CVSS6.1AI score0.00739EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.10 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021474)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021474 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process...

7.5CVSS5.8AI score0.0078EPSS
Exploits0References4
Rows per page
Query Builder