Filtered by vendor Php
Subscribe
Total
744 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11147 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2025-04-20 | 6.4 MEDIUM | 9.1 CRITICAL |
| In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c. | |||||
| CVE-2017-7890 | 1 Php | 1 Php | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information. | |||||
| CVE-2017-12933 | 1 Php | 1 Php | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. | |||||
| CVE-2025-1219 | 1 Php | 1 Php | 2025-04-15 | N/A | 5.3 MEDIUM |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | |||||
| CVE-2015-8391 | 5 Fedoraproject, Oracle, Pcre and 2 more | 10 Fedora, Linux, Pcre and 7 more | 2025-04-12 | 9.0 HIGH | 9.8 CRITICAL |
| The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
| CVE-2013-4433 | 1 Php | 1 Xhprof | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in XHProf before 0.9.4 allows remote attackers to inject arbitrary web script or HTML via the run parameter. | |||||
| CVE-2016-4344 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. | |||||
| CVE-2016-7412 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata. | |||||
| CVE-2016-7130 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. | |||||
| CVE-2015-3411 | 2 Php, Redhat | 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files. | |||||
| CVE-2014-3597 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. | |||||
| CVE-2016-6290 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization. | |||||
| CVE-2016-7133 | 1 Php | 1 Php | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname. | |||||
| CVE-2015-4599 | 2 Php, Redhat | 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. | |||||
| CVE-2015-4644 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352. | |||||
| CVE-2016-1904 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 7.3 HIGH |
| Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow. | |||||
| CVE-2015-3330 | 4 Apple, Oracle, Php and 1 more | 11 Mac Os X, Linux, Solaris and 8 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." | |||||
| CVE-2016-6296 | 1 Php | 1 Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. | |||||
| CVE-2016-4070 | 1 Php | 1 Php | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not). | |||||
| CVE-2016-4346 | 2 Opensuse, Php | 3 Leap, Opensuse, Php | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||