Filtered by vendor Php
Subscribe
Total
748 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4635 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function. | |||||
CVE-2012-2376 | 2 Microsoft, Php | 2 Windows, Php | 2025-04-11 | 10.0 HIGH | N/A |
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012. | |||||
CVE-2012-6113 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data. | |||||
CVE-2010-4150 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2012-1171 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. | |||||
CVE-2012-4388 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2025-04-11 | 4.3 MEDIUM | N/A |
The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398. | |||||
CVE-2010-2225 | 1 Php | 1 Php | 2025-04-11 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function. | |||||
CVE-2012-3365 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. | |||||
CVE-2011-3379 | 1 Php | 1 Php | 2025-04-11 | 7.5 HIGH | N/A |
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. | |||||
CVE-2012-2335 | 1 Php | 1 Php | 2025-04-11 | 7.5 HIGH | N/A |
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence. | |||||
CVE-2013-3735 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | 7.5 HIGH |
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id. | |||||
CVE-2011-3189 | 1 Php | 1 Php | 2025-04-11 | 4.3 MEDIUM | N/A |
The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483. | |||||
CVE-2010-3709 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-11 | 4.3 MEDIUM | N/A |
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. | |||||
CVE-2011-0441 | 1 Php | 1 Php | 2025-04-11 | 6.3 MEDIUM | N/A |
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. | |||||
CVE-2010-4700 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions. | |||||
CVE-2011-1153 | 1 Php | 1 Php | 2025-04-11 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call. | |||||
CVE-2010-1917 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string. | |||||
CVE-2011-0752 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. | |||||
CVE-2010-2190 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. | |||||
CVE-2010-4698 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. |