Search CVE reports

Toggle filters

981 – 990 of 36525 results

Status is adjusted based on your filters.

CVE-2026-7262

Medium priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-7261

Medium priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is configured with SOAP_PERSISTENCE_SESSION, the handler object is persisted across requests via session...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-7259

Medium priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to  a NULL pointer dereference, resulting in a segmentation fault...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-7258

Negligible priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On the systems with default...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-6735

Medium priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2026-6722

Medium priority
Needs evaluation

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their...

8 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package 24.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
php8.1 Not in release
php8.3 Needs evaluation
php8.4 Not in release
php8.5 Not in release
Show all 8 packages Show less packages

CVE-2025-14179

Medium priority
Fixed

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a...

8 affected packages

php8.5, php8.1, php8.3, php8.4, php5...

Package 24.04 LTS
php8.5 Not in release
php8.1 Not in release
php8.3 Fixed
php8.4 Not in release
php5 Not in release
php7.0 Not in release
php7.2 Not in release
php7.4 Not in release
Show all 8 packages Show less packages

CVE-2026-8213

Medium priority
Needs evaluation

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based...

1 affected package

gdal

Package 24.04 LTS
gdal Needs evaluation
Show less packages

CVE-2026-8212

Medium priority
Needs evaluation

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack...

1 affected package

gdal

Package 24.04 LTS
gdal Needs evaluation
Show less packages

CVE-2026-45184

Medium priority
Needs evaluation

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.

1 affected package

kdenlive

Package 24.04 LTS
kdenlive Needs evaluation
Show less packages
  1. Previous page
  2. 97
  3. 98
  4. 99
  5. 100
  6. 101
  7. Next page
Export to JSON