php
758 tracked vulnerabilities.
CVE-2016-3142
HIGH
PHP < 5.5.33 and 5.6.x < 5.6.19 - Out-of-Bounds Read via PHAR Zip File Parsing
Mar 31, 2016
CVSS 8.2
EPSS 0.05
CVE-2016-3141
CRITICAL
Apple Mac OS X < 10.11.4 - Memory Corruption
Mar 31, 2016
CVSS 9.8
EPSS 0.35
CVE-2016-1904
HIGH
PHP 7.x < 7.0.2 - Denial of Service via Heap-Based Buffer Overflow in exec.c
Jan 19, 2016
CVSS 7.3
EPSS 0.03
CVE-2016-1903
CRITICAL
PHP <5.5.31, <5.6.17, <7.0.2 - Info Disclosure/DoS
Jan 19, 2016
CVSS 9.1
EPSS 0.08
CVE-2016-1283
CRITICAL
PCRE 8.38 - Heap-Based Buffer Overflow
Jan 03, 2016
CVSS 9.8
EPSS 0.08
CVE-2015-2326
MEDIUM
PCRE < 8.37 - Denial of Service via Incorrect Regular Expression Compilation
Jan 14, 2020
CVSS 5.5
EPSS 0.02
CVE-2015-2325
HIGH
PCRE < 8.37 - Out-of-bounds Read via Repeated Forward Reference in Regular Expression
Jan 14, 2020
CVSS 7.8
EPSS 0.02
CVE-2015-9253
MEDIUM
PHP < 7.1.20 - Uncontrolled Resource Consumption via Non-Blocking STDIN Stream
Feb 19, 2018
CVSS 6.5
EPSS 0.04
CVE-2015-8994
HIGH
PHP 5.0.0-5.6.28 - Unauthenticated Script Execution via OpCache Shared Memory
Mar 02, 2017
CVSS 7.5
EPSS 0.03
CVE-2015-8935
MEDIUM
PHP < 5.4.38 - Cross-Site Scripting via Header Function Line Folding
Aug 07, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-8880
CRITICAL
PHP 7.x - Double Free in Format Printer
May 22, 2016
CVSS 9.8
EPSS 0.03
CVE-2015-8879
HIGH
PHP < 5.5.38 - Denial of Service via odbc_bindcols SQL_WVARCHAR Handling
May 22, 2016
CVSS 7.5
EPSS 0.03
CVE-2015-8878
MEDIUM
PHP 5.5.0-5.5.27 - Denial of Service via Race Condition in Temporary File Handling
May 22, 2016
CVSS 5.9
EPSS 0.01
CVE-2015-8877
HIGH
libgd < 2.1.1 - Denial of Service via gdImageScaleTwoPass Memory Allocation
May 22, 2016
CVSS 7.5
EPSS 0.04
CVE-2015-8876
CRITICAL
PHP 5.4.0-5.4.43 - Denial of Service via Crafted Serialized Exception Data
May 22, 2016
CVSS 9.8
EPSS 0.08
CVE-2015-8867
HIGH
PHP < 5.4.44 - Insecure Cryptographic Randomness via Deprecated RAND_pseudo_bytes
May 22, 2016
CVSS 7.5
EPSS 0.04
CVE-2015-8866
CRITICAL
PHP < 5.5.22 - XML External Entity Injection via libxml_disable_entity_loader Bypass
May 22, 2016
CVSS 9.6
EPSS 0.04
CVE-2015-8865
HIGH
PHP < 5.5.34, 5.6.x < 5.6.20, 7.x < 7.0.5 - Buffer Overflow in Fileinfo Component
May 20, 2016
CVSS 7.3
EPSS 0.05
CVE-2015-8874
HIGH
Opensuse Leap < 5.6.11 - Memory Corruption
May 16, 2016
CVSS 7.5
EPSS 0.08
CVE-2015-8873
HIGH
PHP < 5.4.44 - Denial of Service via Recursive Method Calls
May 16, 2016
CVSS 7.5
EPSS 0.04
CVE-2015-8838
MEDIUM
PHP < 5.4.43, 5.5.x < 5.5.27, 5.6.x < 5.6.11 - Cleartext Downgrade Attack via MySQLnd SSL Option
May 16, 2016
CVSS 5.9
EPSS 0.02
CVE-2015-8835
CRITICAL
PHP < 5.4.44, 5.5.x < 5.5.28, 5.6.x < 5.6.12 - Denial of Service via SoapClient _cookies Array Deserialization
May 16, 2016
CVSS 9.8
EPSS 0.06
CVE-2015-6838
HIGH
PHP < 5.4.45, 5.5.x < 5.5.29, 5.6.x < 5.6.13 - Denial of Service via NULL Pointer Dereference in xsl_ext_function_php
May 16, 2016
CVSS 7.5
EPSS 0.07
CVE-2015-6837
HIGH
PHP < 5.4.45, 5.5.x < 5.5.29, 5.6.x < 5.6.13 - Denial of Service via NULL Pointer Dereference in xsl_ext_function_php
May 16, 2016
CVSS 7.5
EPSS 0.07
CVE-2015-6835
CRITICAL
Joomla HTTP Header Unauthenticated Remote Code Execution
May 16, 2016
CVSS 9.8
EPSS 0.37
Products
php 724
pear 5
archive_tar 4
frankenphp 3
pearweb 2
php_script_index 2
animated_smiley_generator 1
ar_memberscript 1
blog_cms 1
bloq 1
com_extensions 1
directory_listing_script 1
errordocs 1
ext-http 1
f1_maxs_file_uploader 1
imagick 1
memcached 1
mysql_banner_exchange 1
mysql_extension 1
pear_archive_tar 1
pecl_http 1
php_fi 1
phpsquidpass 1
xhprof 1
xml_rpc 1
Quick Filters