php

756 tracked vulnerabilities.

CVE-2010-1917
PHP 5.2-5.2.13 and 5.3-5.3.2 - Denial of Service via fnmatch Function
May 12, 2010
EPSS 0.02
CVE-2010-1915
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via preg_quote Interruption
May 12, 2010
EPSS 0.01
CVE-2010-1914
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via Zend Engine Opcode Interruption
May 12, 2010
EPSS 0.01
CVE-2010-1868
PHP 5.2-5.2.13 and 5.3-5.3.2 - Remote Code Execution via sqlite_single_query and sqlite_array_query
May 07, 2010
EPSS 0.01
CVE-2010-1866 CRITICAL
PHP 5.3.0-5.3.2 - Denial of Service via Negative Chunk Size in HTTP Chunked Encoding Decoder
May 07, 2010
CVSS 9.8
EPSS 0.02
CVE-2010-1864
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via addcslashes Interruption
May 07, 2010
EPSS 0.00
CVE-2010-1862
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via chunk_split Function Interruption
May 07, 2010
EPSS 0.00
CVE-2010-1861
PHP 5.2-5.2.13 and 5.3-5.3.2 - Use-After-Free in sysvshm Extension via __sleep Interruption
May 07, 2010
EPSS 0.00
CVE-2010-1860
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via html_entity_decode Interruption
May 07, 2010
EPSS 0.00
CVE-2010-1130
PHP <5.2.13, 5.3.1 - Info Disclosure
Mar 26, 2010
EPSS 0.06
CVE-2010-1129
PHP < 5.2.13 - Directory Access Restriction Bypass via tempnam Function
Mar 26, 2010
EPSS 0.02
CVE-2010-1128
PHP < 5.2.13 - Insufficient Entropy in Linear Congruential Generator
Mar 26, 2010
EPSS 0.05
CVE-2010-0397
PHP 5.3.1 - Denial of Service via xmlrpc_decode_request NULL Pointer Dereference
Mar 16, 2010
EPSS 0.08
CVE-2009-5016
PHP < 5.2.10 - Integer Overflow in xml_utf8_decode Function
Nov 12, 2010
EPSS 0.03
CVE-2009-4418
PHP < 5.3.0 - Denial of Service via Deeply Nested Unserialize
Dec 24, 2009
EPSS 0.00
CVE-2009-4143
PHP < 5.2.12 - Session Data Handling Vulnerability
Dec 21, 2009
EPSS 0.08
CVE-2009-4142
PHP < 5.2.12 - Cross-Site Scripting via Improper UTF-8 and Multi-byte Sequence Handling
Dec 21, 2009
EPSS 0.17
CVE-2009-2626
PHP < 5.2.10 - Memory Disclosure and Denial of Service via ini_set and ini_restore
Dec 01, 2009
EPSS 0.08
CVE-2009-4018
PHP <5.2.11 & 5.3.x <5.3.1 - Command Injection
Nov 29, 2009
EPSS 0.22
CVE-2009-4017
PHP < 5.2.12 and 5.3.x < 5.3.1 - Denial of Service via Multipart Form Data Temporary File Exhaustion
Nov 24, 2009
EPSS 0.02
CVE-2009-3559
PHP 5.3.x - Unauthenticated Denial of Service via Plain Wrapper Include Failure
Nov 23, 2009
EPSS 0.03
CVE-2009-3558
PHP < 5.2.10 - open_basedir Restriction Bypass via posix_mkfifo
Nov 23, 2009
EPSS 0.04
CVE-2009-3557
PHP < 5.2.11 - Safe Mode Bypass via tempnam Function
Nov 23, 2009
EPSS 0.04
CVE-2009-3546
GD Graphics Library - Buffer Overflow via Crafted GD File
Oct 19, 2009
EPSS 0.05
CVE-2009-3294
PHP 5.2.0-5.2.10 - Denial of Service via popen Mode Argument
Sep 22, 2009
EPSS 0.02
Products
php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1
Quick Filters
Critical CVEs With Exploits In CISA KEV