php

758 tracked vulnerabilities.

CVE-2012-2143
FreeBSD < 9.0 - Authentication Bypass via Incomplete Password Processing
Jul 05, 2012
EPSS 0.06
CVE-2012-1172
PHP < 5.4.0 - Denial of Service and Directory Traversal via Invalid Square Bracket in File Upload Name
May 24, 2012
EPSS 0.06
CVE-2012-2376
PHP < 5.4.3 - Remote Code Execution via COM Object VARIANT Type Handling
May 21, 2012
EPSS 0.20
CVE-2012-2336
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
May 11, 2012
EPSS 0.51
CVE-2012-2335
PHP - Remote Code Execution via Query String with +- Sequence
May 11, 2012
EPSS 0.33
CVE-2012-2329
PHP 5.4.x < 5.4.3 - Buffer Overflow via HTTP Request Header
May 11, 2012
EPSS 0.63
CVE-2012-2311
PHP < 5.3.13 and 5.4.x < 5.4.3 - Remote Code Execution via CGI Query String
May 11, 2012
EPSS 0.70
CVE-2012-1823 CRITICAL KEVNUCLEI
PHP < 5.3.12 and 5.4.x < 5.4.2 - Remote Code Execution via CGI Query String
May 11, 2012
CVSS 9.8
EPSS 1.00
CVE-2012-0789
PHP < 5.3.9 - Denial of Service via strtotime Timezone Parsing
Feb 14, 2012
EPSS 0.08
CVE-2012-0788
PHP < 5.3.9 - Denial of Service via PDORow and Session Interaction
Feb 14, 2012
EPSS 0.09
CVE-2012-0831
PHP < 5.3.10 - SQL Injection via Environment Variable Import
Feb 10, 2012
EPSS 0.07
CVE-2012-0830
PHP 5.3.9 - Remote Code Execution via Large Number of Variables
Feb 06, 2012
EPSS 0.30
CVE-2012-0057
PHP < 5.3.9 - Arbitrary File Write via libxslt Output Extension
Feb 02, 2012
EPSS 0.03
CVE-2012-0781
PHP 5.3.8 - Denial of Service via Tidy::diagnose NULL Pointer Dereference
Jan 18, 2012
EPSS 0.11
CVE-2011-3336 HIGH
PHP 5.3.0-5.3.9 - Denial of Service via Stack Exhaustion in regcomp
Feb 12, 2020
CVSS 7.5
EPSS 0.06
CVE-2011-1939 CRITICAL
Zend Framework <1.10.9, <1.11.6 - SQL Injection
Nov 26, 2019
CVSS 9.8
EPSS 0.04
CVE-2011-4718
PHP < 5.5.2 - Session Fixation via Session ID Specification
Aug 13, 2013
EPSS 0.04
CVE-2011-1398
PHP < 5.3.11 and 5.4.x < 5.4.0RC2 - HTTP Response Splitting via Carriage Return Bypass
Aug 30, 2012
EPSS 0.10
CVE-2011-4153
PHP 5.3.8 - Denial of Service via zend_strndup Return Value Mismanagement
Jan 18, 2012
EPSS 0.12
CVE-2011-4885
PHP < 5.3.9 - Denial of Service via Hash Collision in Form Parameter Handling
Dec 30, 2011
EPSS 0.84
CVE-2011-4566
PHP 5.4.0beta2 - Remote Memory Read and Denial of Service via EXIF Header Integer Overflow
Nov 29, 2011
EPSS 0.07
CVE-2011-3379
PHP 5.3.7-5.3.8 - Remote Code Execution via is_a Function Autoload Trigger
Nov 03, 2011
EPSS 0.05
CVE-2011-3268
PHP < 5.3.7 - Buffer Overflow via Long Salt Argument in crypt Function
Aug 25, 2011
EPSS 0.06
CVE-2011-3267
PHP < 5.3.7 - Denial of Service via error_log Function
Aug 25, 2011
EPSS 0.03
CVE-2011-3189
PHP 5.3.7 - Authentication Bypass via MD5 Crypt Salt Handling
Aug 25, 2011
EPSS 0.04