Filtered by vendor Php
Subscribe
Total
748 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1378 | 1 Php | 1 Php | 2025-04-09 | 5.1 MEDIUM | N/A |
| The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. | |||||
| CVE-2007-1001 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values. | |||||
| CVE-2007-1412 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 allows context-dependent attackers to obtain sensitive information (script source code) via a long string in the second argument. | |||||
| CVE-2007-1777 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow. | |||||
| CVE-2008-2108 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-09 | 7.5 HIGH | 9.8 CRITICAL |
| The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions. | |||||
| CVE-2007-6512 | 1 Php | 1 Mysql Banner Exchange | 2025-04-09 | 5.0 MEDIUM | N/A |
| PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc. | |||||
| CVE-2007-1582 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources. | |||||
| CVE-2007-0905 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 7.5 HIGH | N/A |
| PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. | |||||
| CVE-2008-5557 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions. | |||||
| CVE-2008-2829 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. | |||||
| CVE-2007-4662 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | |||||
| CVE-2006-6545 | 1 Php | 1 Errordocs | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and earlier module for mxBB (mx_errordocs) allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2009-4143 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. | |||||
| CVE-2007-2872 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments. | |||||
| CVE-2009-4018 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable. | |||||
| CVE-2007-0455 | 5 Canonical, Fedoraproject, Gd Graphics Library Project and 2 more | 7 Ubuntu Linux, Fedora, Gd Graphics Library and 4 more | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. | |||||
| CVE-2007-1452 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST. | |||||
| CVE-2007-1835 | 1 Php | 1 Php | 2025-04-09 | 4.6 MEDIUM | N/A |
| PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions. | |||||
| CVE-2007-1718 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro. | |||||
| CVE-2007-4783 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The iconv_substr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause (1) a denial of service (application crash) via a long string in the charset parameter, probably also requiring a long string in the str parameter; or (2) a denial of service (temporary application hang) via a long string in the str parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | |||||