php

756 tracked vulnerabilities.

CVE-2014-5459
PHP < 5.6.0 - Arbitrary File Write via PEAR_REST Cache Symlink Attack
Sep 27, 2014
EPSS 0.00
CVE-2014-5120
PHP 5.4.x-5.4.31 and 5.5.x-5.5.15 - Arbitrary File Overwrite via GD Image Function Pathname
Aug 23, 2014
EPSS 0.09
CVE-2014-3597
PHP < 5.4.32 and 5.5.x < 5.5.16 - Remote Code Execution via Crafted DNS Record
Aug 23, 2014
EPSS 0.07
CVE-2014-3587
file < 5.19 - Denial of Service via CDF Property Info Integer Overflow
Aug 23, 2014
EPSS 0.30
CVE-2014-4698
PHP 5.4.0-5.4.31 - Use-After-Free in SPL ArrayIterator
Jul 10, 2014
EPSS 0.00
CVE-2014-4670
PHP < 5.5.14 - Use-After-Free in SPL Iterator
Jul 10, 2014
EPSS 0.00
CVE-2014-3515
PHP < 5.3.29 - Remote Code Execution via SPL Type Confusion
Jul 09, 2014
EPSS 0.49
CVE-2014-3487
file < 5.19 - Denial of Service via CDF File Stream Offset Validation
Jul 09, 2014
EPSS 0.15
CVE-2014-3480 MEDIUM
file < 5.19 - Denial of Service via CDF File Sector-Count Validation
Jul 09, 2014
CVSS 6.5
EPSS 0.03
CVE-2014-3479
file < 5.19 - Denial of Service via CDF Stream Offset Handling
Jul 09, 2014
EPSS 0.06
CVE-2014-3478 MEDIUM
file < 5.19 - Denial of Service via Pascal String in FILE_PSTRING Conversion
Jul 09, 2014
CVSS 6.5
EPSS 0.38
CVE-2014-0207 MEDIUM
file < 5.19 - Denial of Service via Crafted CDF File
Jul 09, 2014
CVSS 6.5
EPSS 0.09
CVE-2014-4721
PHP <5.4.30, 5.5.x <5.5.14 - Info Disclosure
Jul 06, 2014
EPSS 0.10
CVE-2014-3538
file < 5.19 - Denial of Service via Regex Backtracking in AWK Rule Processing
Jul 03, 2014
EPSS 0.27
CVE-2014-4049
PHP < 5.3.29 - Heap-Based Buffer Overflow via DNS TXT Record Parsing
Jun 18, 2014
EPSS 0.31
CVE-2014-3981
PHP < 5.3.29 - Arbitrary File Overwrite via Symlink Attack on /tmp/phpglibccheck
Jun 08, 2014
EPSS 0.00
CVE-2014-0238
PHP < 5.3.29 - Denial of Service via cdf_read_property_info Function
Jun 01, 2014
EPSS 0.24
CVE-2014-0237
PHP < 5.4.29 and 5.5.x < 5.5.13 - Denial of Service via Fileinfo cdf_unpack_summary_info
Jun 01, 2014
EPSS 0.26
CVE-2014-0185
PHP <5.4.28, <5.5.12 - Privilege Escalation
May 06, 2014
EPSS 0.00
CVE-2014-2497
PHP < 5.4.32 - Denial of Service via Crafted XPM Color Table
Mar 21, 2014
EPSS 0.05
CVE-2014-2270
file < 5.17 - Denial of Service via Crafted PE Executable Softmagic Offsets
Mar 14, 2014
EPSS 0.31
CVE-2014-1943
Fine Free file < 5.17 - Denial of Service via Crafted Indirect Offset in File Magic
Feb 18, 2014
EPSS 0.30
CVE-2014-2020
PHP < 5.5.9 - Information Disclosure via GD imagecrop Type Confusion
Feb 18, 2014
EPSS 0.00
CVE-2013-6501
PHP < 5.6.7 - WSDL Injection via Predictable /tmp Cache Filename
Mar 30, 2015
EPSS 0.00
CVE-2013-7345
file < 5.15 - Denial of Service via Crafted ASCII File with Excessive Newlines
Mar 24, 2014
EPSS 0.01
Products
php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1
Quick Filters
Critical CVEs With Exploits In CISA KEV