Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / php

php

756 tracked vulnerabilities.

CVE-2017-11142 HIGH

PHP < 5.6.31, 7.x < 7.0.17, 7.1.x < 7.1.3 - Denial of Service via Long Form Variables

CVE-2017-9229 HIGH

Oniguruma 6.2.0 - Memory Corruption

CVE-2017-9228 CRITICAL

Oniguruma 6.2.0 - Memory Corruption

CVE-2017-9227 CRITICAL

Oniguruma 6.2.0 - Memory Corruption

CVE-2017-9226 CRITICAL

Oniguruma <6.2.0 - Memory Corruption

CVE-2017-9225 CRITICAL

Oniguruma <6.2.0 - Memory Corruption

CVE-2017-9224 CRITICAL

Oniguruma <6.2.0 - Memory Corruption

CVE-2017-9119 CRITICAL

PHP 7.1.5 - Denial of Service via Crafted Array Operations

CVE-2017-9067 HIGH

MODX Revolution <2.5.7 - Path Traversal

CVE-2017-8923 CRITICAL

PHP < 7.4.24 - Out-of-bounds Write via zend_string_extend

CVE-2017-7963 HIGH

PHP < 7.1.4 - Denial of Service via GMP Long String Operations

CVE-2017-6441 HIGH

PHP 7.1.2 - Denial of Service via NULL Pointer Dereference in _zval_get_long_func_ex

CVE-2017-7272 HIGH

PHP < 7.1.3 - Server-Side Request Forgery via fsockopen/pfsockopen Port Parsing

CVE-2017-5630 HIGH

PEAR Base System 1.10.1 - Arbitrary File Overwrite via Unvalidated Redirect Response

CVE-2017-5340 CRITICAL

PHP 7.0.0-7.0.14 - Remote Code Execution via Crafted Serialized Data

CVE-2016-7398 CRITICAL

PHP <3.1.0beta2, <2.6.0beta2 - Code Injection

CVE-2016-10712 HIGH

PHP < 5.5.32, 5.6.x < 5.6.18, 7.x < 7.0.3 - Input Validation Bypass via Stream Metadata Manipulation

CVE-2016-10397 HIGH

PHP < 5.6.28 and 7.x < 7.0.13 - URL Parsing Bypass via Incorrect Hostname Validation

CVE-2016-4473 CRITICAL

PHP 5.6.x and 7.0.7 - Remote Code Execution via Use-After-Free in phar_object.c

CVE-2016-5399 HIGH

PHP < 5.5.37 - Out-of-bounds Write via bzread Function

CVE-2016-10162 HIGH

PHP 7.0.x < 7.0.15 and 7.1.x < 7.1.1 - Denial of Service via WDDX Deserialization NULL Pointer Dereference

CVE-2016-10161 HIGH

PHP < 5.6.30, 7.0.x < 7.0.15, 7.1.x < 7.1.1 - Denial of Service via Crafted Serialized Data

CVE-2016-10160 CRITICAL

PHP <5.6.30, <7.0.15 - Memory Corruption

CVE-2016-10159 HIGH

PHP < 5.6.30 and 7.0.x < 7.0.15 - Denial of Service via Truncated PHAR Archive Manifest

CVE-2016-10158 HIGH

PHP < 5.6.30, 7.0.x < 7.0.15, 7.1.x < 7.1.1 - Denial of Service via EXIF Data Integer Division

Previous Page 7 of 31 Next

Products

php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy