php

756 tracked vulnerabilities.

CVE-2020-7066 MEDIUM
PHP <7.2.29-7.3.16-7.4.4 - Info Disclosure
Apr 01, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-7065 HIGH
PHP 7.3.0-7.3.15 - Stack-based Buffer Overflow in mb_strtolower() with UTF-32LE Encoding
Apr 01, 2020
CVSS 7.4
EPSS 0.05
CVE-2020-7064 MEDIUM
PHP 7.2.0-7.2.28 - Out-of-bounds Read in EXIF Data Parsing
Apr 01, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-7063 MEDIUM
PHP <7.2.28-7.3.15-7.4.3 - Info Disclosure
Feb 27, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-7062 HIGH
PHP 7.2.0-7.2.27, 7.3.0-7.3.14, 7.4.0-7.4.2 - Denial of Service via File Upload Progress Cleanup
Feb 27, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7061 MEDIUM
PHP 7.3.x < 7.3.15 and 7.4.x < 7.4.3 - Out-of-bounds Read in PHAR File Extraction
Feb 27, 2020
CVSS 6.5
EPSS 0.03
CVE-2020-7060 MEDIUM
PHP 7.2.0-7.2.26 - Out-of-bounds Read in mbstring Multibyte Conversion
Feb 10, 2020
CVSS 6.5
EPSS 0.06
CVE-2020-7059 MEDIUM
PHP 7.2.0-7.2.26 - Out-of-bounds Read in fgetss() Function
Feb 10, 2020
CVSS 6.5
EPSS 0.02
CVE-2019-11048 MEDIUM
PHP 7.2.0-7.2.30 - Denial of Service via Oversized Upload Filename
May 20, 2020
CVSS 5.3
EPSS 0.13
CVE-2019-11050 MEDIUM
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Out-of-bounds Read in EXIF Extension
Dec 23, 2019
CVSS 4.8
EPSS 0.03
CVE-2019-11049 MEDIUM
PHP 7.3.0-7.3.12 - Use-After-Free via mail() Function Lowercase Header
Dec 23, 2019
CVSS 6.5
EPSS 0.03
CVE-2019-11047 MEDIUM
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Out-of-bounds Read in EXIF Extension
Dec 23, 2019
CVSS 4.8
EPSS 0.03
CVE-2019-11046 LOW
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Out-of-bounds Read in bcmath Extension
Dec 23, 2019
CVSS 3.7
EPSS 0.08
CVE-2019-11045 LOW
PHP 7.2.0-7.2.25, 7.3.0-7.3.12, 7.4.0 - Improper Null Termination in DirectoryIterator
Dec 23, 2019
CVSS 3.7
EPSS 0.41
CVE-2019-11044 LOW
PHP <7.2.26-7.3.13-7.4.0 (Windows) - Path Traversal
Dec 23, 2019
CVSS 3.7
EPSS 0.08
CVE-2019-19246 HIGH
Oniguruma < 6.9.3 - Out-of-bounds Read in str_lower_case_match
Nov 25, 2019
CVSS 7.5
EPSS 0.00
CVE-2019-11043 HIGH KEV
PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, 7.3.x < 7.3.11 - Remote Code Execution via FPM Buffer Overflow
Oct 28, 2019
CVSS 8.7
EPSS 0.94
CVE-2019-11042 HIGH
PHP 7.1.0-7.1.30 - Out-of-bounds Read in EXIF Extension
Aug 09, 2019
CVSS 7.1
EPSS 0.04
CVE-2019-11041 HIGH
PHP 7.1.0-7.1.30, 7.2.0-7.2.20, 7.3.0-7.3.7 - Out-of-bounds Read in EXIF Extension
Aug 09, 2019
CVSS 7.1
EPSS 0.03
CVE-2019-13224 CRITICAL
Oniguruma 6.9.2 - Use-After-Free in onig_new_deluxe()
Jul 10, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-11040 CRITICAL
PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, 7.3.x < 7.3.6 - Out-of-bounds Read in EXIF Extension
Jun 19, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-11039 CRITICAL
PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, 7.3.x < 7.3.6 - Integer Overflow in iconv_mime_decode_headers()
Jun 19, 2019
CVSS 9.1
EPSS 0.01
CVE-2019-11038 MEDIUM
libgd - Information Disclosure via Uninitialized Variable in gdImageCreateFromXbm
Jun 19, 2019
CVSS 5.3
EPSS 0.11
CVE-2019-11037 MEDIUM
PHP imagick 3.3.0-3.4.4 - Out-of-bounds Write in ImagickKernel::fromMatrix
May 03, 2019
CVSS 4.9
EPSS 0.01
CVE-2019-11036 CRITICAL
PHP 7.1.x < 7.1.29, 7.2.x < 7.2.18, 7.3.x < 7.3.5 - Out-of-bounds Read in EXIF Extension
May 03, 2019
CVSS 9.1
EPSS 0.02
Products
php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1
Quick Filters
Critical CVEs With Exploits In CISA KEV