Lucene search

8 matches found

CVE
added 2025/11/18 5:1 p.m. | 36 views

CVE-2025-53843

CVE-2025-53843 describes a stack-based buffer overflow in Fortinet FortiOS that affects FortiOS 6.4 and 7.x series (notably 7.6.0–7.6.3, 7.4.0–7.4.8, and all 7.2/7.0). The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted packets, with network access ...

CVSS 7.5 | AI score 7.3 | EPSS 0.0056
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2025/08/13 12:0 a.m. | 3 views

Liferay Portal 7.4.x < 7.4.3.133 Cross-Site Scripting

Liferay Portal versions 7.4.x prior to 7.4.3.133 and DXP versions prior to 2024.Q1.16 or 2025.Q1.x prior to 2025.Q1.5 or 2025.Q2.x prior to 2025.Q2.0 are affected by a Cross-Site Scripting allowing a remote non-authenticated attacker to inject JavaScript into the...

CVSS 6.9 | AI score 6.6 | EPSS 0.00548
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/22 8:8 p.m. | 4 views

CVE-2021-38126

Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS)...

CVSS 6.1 | AI score 6.8 | EPSS 0.00569
Exploits: 0 | References: 1

F5 Networks
added 2023/02/21 7:2 p.m. | 51 views

K01128223: PHP vulnerability CVE-2020-7061

Security Advisory Description: In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or...

CVSS 9.1 | AI score 7.9 | EPSS 0.03869
Exploits: 1

Tenable Nessus
added 2022/11/22 12:0 a.m. | 26 views

Oracle Linux 9 : php (ELSA-2022-8197)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8197 advisory. 8.0.20-3 - snmp3 calls using authPriv or authNoPriv immediately return false 2104630 8.0.20-2 - fix patch41 not applied use system nikic/php-parser whe...

CVSS 9.8 | AI score 7.7 | EPSS 0.03437
Exploits: 2 | References: 3

Prion
added 2022/06/16 6:15 a.m. | 155 views

Remote code execution

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can...

CVSS 6 | AI score 9.1 | EPSS 0.5838
Exploits: 2 | References: 7 | Affected Software: 2

Amazon
added 2020/05/13 12:0 a.m. | 99 views

Medium: php73

Issue Overview: In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...

CVSS 8.8 | AI score 7.4 | EPSS 0.04743
Exploits: 4

Debian CVE
added 2020/02/10 7:45 a.m. | 59 views

CVE-2020-7059

When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

CVSS 9.1 | AI score 6.6 | EPSS 0.07402
Exploits: 1