Filtered by vendor Php
Subscribe
Total
754 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31631 | 2 Php, Sqlite | 2 Php, Sqlite | 2025-07-02 | N/A | 9.1 CRITICAL |
| In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities. | |||||
| CVE-2025-1861 | 2 Netapp, Php | 2 Ontap, Php | 2025-07-02 | N/A | 9.8 CRITICAL |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | |||||
| CVE-2025-1736 | 2 Netapp, Php | 2 Ontap, Php | 2025-07-02 | N/A | 7.3 HIGH |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted. | |||||
| CVE-2025-1734 | 2 Netapp, Php | 2 Ontap, Php | 2025-07-02 | N/A | 5.3 MEDIUM |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers. | |||||
| CVE-2024-8929 | 1 Php | 1 Php | 2025-07-02 | N/A | 5.8 MEDIUM |
| In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. | |||||
| CVE-2024-8932 | 2 Netapp, Php | 2 Ontap, Php | 2025-07-02 | N/A | 9.8 CRITICAL |
| In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. | |||||
| CVE-2024-3566 | 7 Golang, Haskell, Microsoft and 4 more | 7 Go, Process Library, Windows and 4 more | 2025-06-25 | N/A | 9.8 CRITICAL |
| A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied. | |||||
| CVE-2024-1874 | 2 Fedoraproject, Php | 2 Fedora, Php | 2025-06-18 | N/A | 9.4 CRITICAL |
| In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell. | |||||
| CVE-2024-2757 | 1 Php | 1 Php | 2025-06-18 | N/A | 7.5 HIGH |
| In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function. | |||||
| CVE-2024-3096 | 2 Debian, Php | 2 Debian Linux, Php | 2025-06-18 | N/A | 6.5 MEDIUM |
| In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true. | |||||
| CVE-2025-1219 | 1 Php | 1 Php | 2025-05-23 | N/A | 5.3 MEDIUM |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations. | |||||
| CVE-2025-1217 | 1 Php | 1 Php | 2025-05-23 | N/A | 3.1 LOW |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc. | |||||
| CVE-2022-37454 | 8 Debian, Extended Keccak Code Package Project, Fedoraproject and 5 more | 8 Debian Linux, Extended Keccak Code Package, Fedora and 5 more | 2025-05-08 | N/A | 9.8 CRITICAL |
| The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. | |||||
| CVE-2024-11235 | 1 Php | 1 Php | 2025-04-30 | N/A | 8.1 HIGH |
| In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution. | |||||
| CVE-2016-4473 | 2 Php, Suse | 3 Php, Linux Enterprise Module For Web Scripting, Linux Enterprise Software Development Kit | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833. | |||||
| CVE-2017-11143 | 1 Php | 1 Php | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c. | |||||
| CVE-2017-11145 | 1 Php | 1 Php | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist. | |||||
| CVE-2016-10161 | 1 Php | 1 Php | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call. | |||||
| CVE-2017-11628 | 1 Php | 1 Php | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives. | |||||
| CVE-2017-11142 | 1 Php | 1 Php | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c. | |||||