php
756 tracked vulnerabilities.
CVE-2012-2376
PHP < 5.4.3 - Remote Code Execution via COM Object VARIANT Type Handling
May 21, 2012
EPSS 0.37
CVE-2012-2336
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
May 11, 2012
EPSS 0.47
CVE-2012-2335
PHP - Remote Code Execution via Query String with +- Sequence
May 11, 2012
EPSS 0.17
CVE-2012-2329
PHP 5.4.x < 5.4.3 - Buffer Overflow via HTTP Request Header
May 11, 2012
EPSS 0.80
CVE-2012-2311
PHP < 5.3.13 and 5.4.x < 5.4.3 - Remote Code Execution via CGI Query String
May 11, 2012
EPSS 0.75
CVE-2012-1823
CRITICAL
KEVNUCLEI
PHP < 5.3.12 and 5.4.x < 5.4.2 - Remote Code Execution via CGI Query String
May 11, 2012
CVSS 9.8
EPSS 0.94
CVE-2012-0789
PHP < 5.3.9 - Denial of Service via strtotime Timezone Parsing
Feb 14, 2012
EPSS 0.08
CVE-2012-0788
PHP < 5.3.9 - Denial of Service via PDORow and Session Interaction
Feb 14, 2012
EPSS 0.05
CVE-2012-0831
PHP < 5.3.10 - SQL Injection via Environment Variable Import
Feb 10, 2012
EPSS 0.11
CVE-2012-0830
PHP 5.3.9 - Remote Code Execution via Large Number of Variables
Feb 06, 2012
EPSS 0.27
CVE-2012-0057
PHP < 5.3.9 - Arbitrary File Write via libxslt Output Extension
Feb 02, 2012
EPSS 0.02
CVE-2012-0781
PHP 5.3.8 - Denial of Service via Tidy::diagnose NULL Pointer Dereference
Jan 18, 2012
EPSS 0.04
CVE-2011-3336
HIGH
PHP 5.3.0-5.3.9 - Denial of Service via Stack Exhaustion in regcomp
Feb 12, 2020
CVSS 7.5
EPSS 0.25
CVE-2011-1939
CRITICAL
Zend Framework <1.10.9, <1.11.6 - SQL Injection
Nov 26, 2019
CVSS 9.8
EPSS 0.06
CVE-2011-4718
PHP < 5.5.2 - Session Fixation via Session ID Specification
Aug 13, 2013
EPSS 0.01
CVE-2011-1398
PHP < 5.3.11 and 5.4.x < 5.4.0RC2 - HTTP Response Splitting via Carriage Return Bypass
Aug 30, 2012
EPSS 0.08
CVE-2011-4153
PHP 5.3.8 - Denial of Service via zend_strndup Return Value Mismanagement
Jan 18, 2012
EPSS 0.06
CVE-2011-4885
PHP < 5.3.9 - Denial of Service via Hash Collision in Form Parameter Handling
Dec 30, 2011
EPSS 0.87
CVE-2011-4566
PHP 5.4.0beta2 - Remote Memory Read and Denial of Service via EXIF Header Integer Overflow
Nov 29, 2011
EPSS 0.37
CVE-2011-3379
PHP 5.3.7-5.3.8 - Remote Code Execution via is_a Function Autoload Trigger
Nov 03, 2011
EPSS 0.01
CVE-2011-3268
PHP < 5.3.7 - Buffer Overflow via Long Salt Argument in crypt Function
Aug 25, 2011
EPSS 0.17
CVE-2011-3267
PHP < 5.3.7 - Denial of Service via error_log Function
Aug 25, 2011
EPSS 0.04
CVE-2011-3189
PHP 5.3.7 - Authentication Bypass via MD5 Crypt Salt Handling
Aug 25, 2011
EPSS 0.01
CVE-2011-3182
PHP < 5.3.7 - Denial of Service via Malloc Return Value Mismanagement
Aug 25, 2011
EPSS 0.02
CVE-2011-2483
PHP < 5.3.7 - Password Hash Information Disclosure via crypt_blowfish 8-bit Character Handling
Aug 25, 2011
EPSS 0.07
Products
php 723
pear 5
archive_tar 4
frankenphp 2
pearweb 2
php_script_index 2
animated_smiley_generator 1
ar_memberscript 1
blog_cms 1
bloq 1
com_extensions 1
directory_listing_script 1
errordocs 1
ext-http 1
f1_maxs_file_uploader 1
imagick 1
memcached 1
mysql_banner_exchange 1
mysql_extension 1
pear_archive_tar 1
pecl_http 1
php_fi 1
phpsquidpass 1
xhprof 1
xml_rpc 1
Quick Filters