Total
713 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12933 | 1 Php | 1 Php | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. | |||||
| CVE-2025-1219 | 1 Php | 1 Php | 2025-04-15 | N/A | 5.3 MEDIUM |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | |||||
| CVE-2015-8391 | 5 Fedoraproject, Oracle, Pcre and 2 more | 10 Fedora, Linux, Pcre and 7 more | 2025-04-12 | 9.0 HIGH | 9.8 CRITICAL |
| The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
| CVE-2016-4344 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. | |||||
| CVE-2016-7412 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata. | |||||
| CVE-2016-7130 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. | |||||
| CVE-2015-3411 | 2 Php, Redhat | 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files. | |||||
| CVE-2014-3597 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. | |||||
| CVE-2016-6290 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization. | |||||
| CVE-2016-7133 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname. | |||||
| CVE-2015-4599 | 2 Php, Redhat | 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. | |||||
| CVE-2015-4644 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352. | |||||
| CVE-2016-1904 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 7.3 HIGH |
| Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow. | |||||
| CVE-2015-3330 | 4 Apple, Oracle, Php and 1 more | 11 Mac Os X, Linux, Solaris and 8 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." | |||||
| CVE-2016-6296 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. | |||||
| CVE-2016-4070 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not). | |||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
| CVE-2014-3538 | 3 Christos Zoulas, Debian, Php | 3 File, Debian Linux, Php | 2025-04-12 | 5.0 MEDIUM | N/A |
| file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. | |||||
| CVE-2016-5768 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception. | |||||
| CVE-2015-6836 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 7.3 HIGH |
| The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function. | |||||