php

756 tracked vulnerabilities.

CVE-2013-4433
XHProf < 0.9.4 - Cross-Site Scripting via Run Parameter
Mar 11, 2014
EPSS 0.00
CVE-2013-7328
PHP 5.5.x - Denial of Service and Information Disclosure via Negative ImageCrop Dimensions
Feb 18, 2014
EPSS 0.01
CVE-2013-7327
PHP 5.5.x <5.5.9 - DoS
Feb 18, 2014
EPSS 0.01
CVE-2013-7226
PHP 5.5.x - Denial of Service via gdImageCrop Integer Overflow
Feb 18, 2014
EPSS 0.10
CVE-2013-6420
PHP < 5.3.28, 5.4.x < 5.4.23, 5.5.x < 5.5.7 - Remote Code Execution via X.509 Certificate Timestamp Parsing
Dec 17, 2013
EPSS 0.40
CVE-2013-6712
PHP through 5.5.6 - Denial of Service via DateInterval Parsing
Nov 28, 2013
EPSS 0.17
CVE-2013-1824
Redhat Enterprise Linux < 10.8.5 - XXE
Sep 16, 2013
EPSS 0.02
CVE-2013-4248
Canonical Ubuntu Linux < 5.4.17 - Improper Input Validation
Aug 18, 2013
EPSS 0.10
CVE-2013-4113
PHP 5.3.0-5.3.26 - Out-of-bounds Write via xml_parse_into_struct
Jul 13, 2013
EPSS 0.19
CVE-2013-4636
PHP Fileinfo Component - Denial of Service via MP3 MIME Type Detection
Jun 21, 2013
EPSS 0.00
CVE-2013-4635
PHP < 5.3.26 and 5.4.x < 5.4.16 - Denial of Service via SdnToJewish Integer Overflow
Jun 21, 2013
EPSS 0.13
CVE-2013-2110
PHP < 5.3.26 and 5.4.x < 5.4.16 - Heap-Based Buffer Overflow via quoted_printable_encode
Jun 21, 2013
EPSS 0.08
CVE-2013-3735 HIGH
PHP < 5.4.16 RC1 and 5.5.0 < RC2 - Denial of Service via Crafted Function Definition
May 31, 2013
CVSS 7.5
EPSS 0.01
CVE-2013-1643
PHP < 5.3.23 and 5.4.x < 5.4.13 - XML External Entity Injection via SOAP WSDL Parser
Mar 06, 2013
EPSS 0.01
CVE-2013-1635
PHP < 5.3.22 and 5.4.x < 5.4.13 - Unauthenticated Directory Traversal via SOAP WSDL Cache
Mar 06, 2013
EPSS 0.03
CVE-2012-1171
PHP 5.x - Unauthenticated Arbitrary File Read via libxml Custom Stream Wrapper
Feb 15, 2014
EPSS 0.00
CVE-2012-6113
PHP 5.3.9-5.3.13 - Information Exposure via Uninitialized Variable in openssl_encrypt
Jan 19, 2013
EPSS 0.00
CVE-2012-5381
PHP 5.3.17 - Untrusted Search Path Vulnerability via DLL Hijacking
Oct 11, 2012
EPSS 0.00
CVE-2012-4388
PHP 5.4.0RC2-5.4.0 - HTTP Response Splitting via Carriage Return Bypass
Sep 07, 2012
EPSS 0.02
CVE-2012-3450
PHP < 5.3.14 and 5.4.x < 5.4.4 - Denial of Service via PDO Prepared Statement Parsing
Aug 06, 2012
EPSS 0.12
CVE-2012-3365
PHP < 5.3.15 - open_basedir Protection Bypass via SQLite Functionality
Jul 20, 2012
EPSS 0.01
CVE-2012-2688
PHP <5.3.15, <5.4.5 - Buffer Overflow
Jul 20, 2012
EPSS 0.33
CVE-2012-2386
PHP <5.3.14, <5.4.4 - Buffer Overflow
Jul 07, 2012
EPSS 0.28
CVE-2012-2143
FreeBSD < 9.0 - Authentication Bypass via Incomplete Password Processing
Jul 05, 2012
EPSS 0.03
CVE-2012-1172
PHP < 5.4.0 - Denial of Service and Directory Traversal via Invalid Square Bracket in File Upload Name
May 24, 2012
EPSS 0.12
Products
php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1
Quick Filters
Critical CVEs With Exploits In CISA KEV