php

758 tracked vulnerabilities.

CVE-2014-3669
PHP < 5.4.34, 5.5.x < 5.5.18, 5.6.x < 5.6.2 - Remote Code Execution via Unserialize Integer Overflow
Oct 29, 2014
EPSS 0.29
CVE-2014-3668
PHP < 5.4.34 - Buffer Overflow in XMLRPC Extension via Crafted Arguments
Oct 29, 2014
EPSS 0.27
CVE-2014-5459
PHP < 5.6.0 - Arbitrary File Write via PEAR_REST Cache Symlink Attack
Sep 27, 2014
EPSS 0.01
CVE-2014-5120
PHP 5.4.x-5.4.31 and 5.5.x-5.5.15 - Arbitrary File Overwrite via GD Image Function Pathname
Aug 23, 2014
EPSS 0.17
CVE-2014-3597
PHP < 5.4.32 and 5.5.x < 5.5.16 - Remote Code Execution via Crafted DNS Record
Aug 23, 2014
EPSS 0.15
CVE-2014-3587
file < 5.19 - Denial of Service via CDF Property Info Integer Overflow
Aug 23, 2014
EPSS 0.20
CVE-2014-4698
PHP 5.4.0-5.4.31 - Use-After-Free in SPL ArrayIterator
Jul 10, 2014
EPSS 0.01
CVE-2014-4670
PHP < 5.5.14 - Use-After-Free in SPL Iterator
Jul 10, 2014
EPSS 0.01
CVE-2014-3515
PHP < 5.3.29 - Remote Code Execution via SPL Type Confusion
Jul 09, 2014
EPSS 0.30
CVE-2014-3487
file < 5.19 - Denial of Service via CDF File Stream Offset Validation
Jul 09, 2014
EPSS 0.15
CVE-2014-3480 MEDIUM
file < 5.19 - Denial of Service via CDF File Sector-Count Validation
Jul 09, 2014
CVSS 6.5
EPSS 0.11
CVE-2014-3479
file < 5.19 - Denial of Service via CDF Stream Offset Handling
Jul 09, 2014
EPSS 0.15
CVE-2014-3478 MEDIUM
file < 5.19 - Denial of Service via Pascal String in FILE_PSTRING Conversion
Jul 09, 2014
CVSS 6.5
EPSS 0.15
CVE-2014-0207 MEDIUM
file < 5.19 - Denial of Service via Crafted CDF File
Jul 09, 2014
CVSS 6.5
EPSS 0.17
CVE-2014-4721
PHP <5.4.30, 5.5.x <5.5.14 - Info Disclosure
Jul 06, 2014
EPSS 0.06
CVE-2014-3538
file < 5.19 - Denial of Service via Regex Backtracking in AWK Rule Processing
Jul 03, 2014
EPSS 0.12
CVE-2014-4049
PHP < 5.3.29 - Heap-Based Buffer Overflow via DNS TXT Record Parsing
Jun 18, 2014
EPSS 0.11
CVE-2014-3981
PHP < 5.3.29 - Arbitrary File Overwrite via Symlink Attack on /tmp/phpglibccheck
Jun 08, 2014
EPSS 0.01
CVE-2014-0238
PHP < 5.3.29 - Denial of Service via cdf_read_property_info Function
Jun 01, 2014
EPSS 0.21
CVE-2014-0237
PHP < 5.4.29 and 5.5.x < 5.5.13 - Denial of Service via Fileinfo cdf_unpack_summary_info
Jun 01, 2014
EPSS 0.20
CVE-2014-0185
PHP <5.4.28, <5.5.12 - Privilege Escalation
May 06, 2014
EPSS 0.01
CVE-2014-2497
PHP < 5.4.32 - Denial of Service via Crafted XPM Color Table
Mar 21, 2014
EPSS 0.22
CVE-2014-2270
file < 5.17 - Denial of Service via Crafted PE Executable Softmagic Offsets
Mar 14, 2014
EPSS 0.04
CVE-2014-1943
Fine Free file < 5.17 - Denial of Service via Crafted Indirect Offset in File Magic
Feb 18, 2014
EPSS 0.05
CVE-2014-2020
PHP < 5.5.9 - Information Disclosure via GD imagecrop Type Confusion
Feb 18, 2014
EPSS 0.03