Filters
Versions
5.0.0
141
5.2.0
141
7.0.0
140
5.0.2
124
4.1.0
122
4.0.5
121
4.1.2
121
4.0.4
120
4.0.6
120
4.2.0
120
4.2.1
120
4.2.2
120
5.0.1
120
5.0.3
120
4.0.1
119
5.2.1
119
4.0.3
118
4.1.1
118
5.0.5
118
4.2.3
117
4.3.0
117
4.3.1
117
5.0.4
117
5.1.1
117
5.1.0
116
5.1.2
116
5.5.0
116
4.0.2
115
4.0.7
115
4.3.2
114
4.3.9
112
4.3.7
111
4.4.0
111
4.3.10
110
4.3.3
110
4.3.6
110
5.1.4
110
4.3.5
109
5.2.3
109
4.3.8
108
4.3.4
107
4.3.11
105
4.0.0
104
4.4.2
104
5.1.6
104
5.2.4
102
5.1.3
101
5.1.5
101
4.4.1
100
5.2.2
95
5.3.0
95
5.0.0-beta1
93
5.0.0-beta2
93
5.0.0-rc1
93
5.0.0-beta3
92
5.0.0-beta4
92
5.0.0-rc2
92
5.0.0-rc3
91
4.4.3
90
4.4.4
90
5.2.5
89
5.6.2
89
5.6.4
89
5.2.6
88
5.6.3
88
5.6.5
82
4.0
81
5.6.0
81
5.6.1
80
5.6.6
80
4.4.6
79
5.2.10
77
4.0-beta1
76
4.0-beta3
76
5.3.1
76
4.0-beta2
75
4.0-beta4
75
4.0-beta_4_patch1
75
5.6.7
75
3.0
74
4.4.5
74
7.0.1
74
3.0.1
73
3.0.10
73
3.0.11
73
3.0.12
73
3.0.13
73
3.0.18
73
3.0.2
73
3.0.3
73
3.0.4
73
3.0.5
73
3.0.6
73
3.0.7
73
3.0.8
73
3.0.9
73
5.2.8
73
5.3.2
73
3.0.16
72
5.2.11
72
3.0.14
71
3.0.15
71
3.0.17
71
5.5.1
71
7.0.2
71
5.2.9
70
5.5.2
69
4.0.1-patch2
68
5.5.3
68
5.5.4
68
5.5.5
68
5.5.6
68
7.0.3
68
7.0.4
67
4.0.1-patch1
66
4.0.3-patch1
66
4.0.7-rc2
66
4.0.7-rc3
66
5.2.12
66
5.5.7
66
4.0.7-rc1
65
5.5.8
65
5.2.7
64
5.6.0-alpha1
64
5.6.0-alpha2
64
5.6.0-alpha3
64
5.6.0-alpha4
64
5.6.0-alpha5
64
5.6.0-beta1
64
5.6.0-beta2
64
5.6.0-beta3
64
5.4.0
63
5.6.0-beta4
63
5.5.10
62
5.5.11
62
5.5.12
62
5.5.13
62
5.6.8
62
7.0.5
62
5.5.9
61
4.4.7
60
5.0-rc1
60
5.0-rc2
60
5.0-rc3
60
5.5.14
60
4.2
59
5.2.13
58
5.5.0-alpha1
58
5.5.0-alpha2
58
5.5.0-alpha3
58
5.5.0-alpha4
58
5.5.0-alpha5
58
5.5.0-alpha6
58
5.5.0-beta1
58
5.5.0-beta2
58
5.5.0-beta3
58
5.5.0-beta4
58
5.5.0-rc1
57
5.5.0-rc2
57
5.6.9
57
7.2.0
57
5.3.3
55
5.6.10
55
1.0
53
2.0b10
53
4.4.8
53
5.5.18
53
5.5.19
53
5.5.20
53
5.6.11
53
2.0
52
7.1.0
51
4.4.9
50
7.3.0
50
7.0.8
48
5.5.21
47
5.6.12
47
7.0.6
47
7.0.7
46
5.2.14
45
5.5.22
44
5.3.5
42
5.3.4
41
5.6.13
40
5.5.23
39
7.0.9
39
4.0.4-patch1
38
5.6.14
38
5.6.15
38
5.6.16
38
5.5.15
37
5.6.17
37
5.5.16
34
5.5.17
34
5.6.18
34
4.0-rc1
33
4.0-rc2
33
5.2.15
33
5.2.16
33
7.4.0
33
5.2.17
32
5.6.19
32
5.3.6
31
5.4.1
29
5.4.2
29
7.0.10
28
5.3.8
27
5.5.24
27
5.6.20
27
5.3.7
26
5.4.3
25
8.0.0
25
7.0.11
23
5.4.10
22
5.4.11
22
5.4.12
22
5.4.4
22
5.4.6
22
5.5.25
22
5.3.10
21
5.3.9
21
5.4.5
21
5.4.7
21
5.4.8
21
5.4.9
21
5.4.13
20
5.4.14
20
5.5.26
20
5.6.21
20
7.0.12
20
8.1.0
19
5.4.39
18
5.3.11
17
5.3.12
17
5.4.12-rc1
17
5.4.12-rc2
17
5.4.13-rc1
17
5.4.14-rc1
17
5.4.15-rc1
16
5.4.16-rc1
16
5.5.27
16
5.3.13
15
5.4.17
15
5.6.22
15
5.4.18
14
5.4.19
14
5.4.20
14
5.4.21
14
5.4.22
14
5.4.23
14
7.0.13
14
8.37
14
5.4.25
13
7.0.14
13
7.1.5
13
5
12
5.3.14
12
5.4.24
12
5.4.26
12
5.4.27
12
5.4.28
12
5.4.29
12
5.5.37
12
4.0.7-rc4
11
5.3.17
11
5.6.24
11
5.3.15
10
5.3.16
10
5.3.18
10
5.3.19
10
5.3.20
10
5.3.21
10
5.4.15
10
5.4.30
10
5.6.23
10
7.1.2
10
8.2.0
10
5.5.28
9
7.0.15
9
7.0.16
9
7.1.1
9
7.1.3
9
7.1.4
9
4
8
5.3.22
8
5.3.23
8
5.3.24
8
5.3.25
8
5.5.33
8
5.5.34
8
5.6.25
8
7.0.17
8
7.0.18
8
7.0.19
8
7.0.20
8
7.1.6
8
5.4.44
7
5.5.29
7
5.5.30
7
5.5.31
7
Php-fpm Php-fpmPHP-FPM logs from children may be altered
3.3
EPSS
0.04%
First published (updated )
Php-fpm Php-fpmPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
8.8
EPSS
0.05%
First published (updated )
Php-fpm Php-fpmErroneous parsing of multipart form data
5.3
EPSS
0.05%
First published (updated )
Php-fpm Php-fpmcgi.force_redirect configuration is bypassable due to the environment variable collision
7.5
EPSS
0.08%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPPHP-CGI OS Command Injection Vulnerability
First published (updated )
PHP PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)
5.3
EPSS
0.08%
First published (updated )
PHP PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)
8.8
EPSS
0.44%
First published (updated )
PHP PHPCommand injection via array-ish $command parameter of proc_open()
9.4
First published (updated )
PHP PHPPHP function password_verify can erroneously return true when argument contains NUL
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/php8.1__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
6.5
First published (updated )
PHP PHPPHP mb_encode_mimeheader runs endlessly for some inputs
7.5
First published (updated )
PHP PHPBuffer overflow and overread in phar_dir_read()
9.8
First published (updated )
PHP PHPSecurity issue with external entity loading in XML without enabling it
8.6
First published (updated )
PHP PHPMissing error check and insufficient random bytes in HTTP Digest authentication for SOAP
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPPotential buffer overflow in php_cli_server_startup_workers
6.2
First published (updated )
PHP PHPpassword_verify() always returns true for some invalid hashes
8.1
First published (updated )
PHP PHPDoS vulnerability when parsing multipart request body
7.5
First published (updated )
PHP PHPSQL Injection, Integer Overflow
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPOOB read due to insufficient input validation in imageloadfont()
7.1
First published (updated )
PHP PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
6.5
First published (updated )
PHP PHPphar wrapper can occur dos when using quine gzip file
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPFreeing unallocated memory in php_pgsql_free_params()
8.1
First published (updated )
PHP PHPSpecial characters break path parsing in XML functions
5.3
First published (updated )
PHP PHPPHP-FPM memory access in root process leading to privilege escalation
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPZipArchive::extractTo may extract outside of destination dir
6.5
First published (updated )
PHP PHPIncorrect URL validation in FILTER_VALIDATE_URL
5.3
First published (updated )
PHP PHPMultiple vulnerabilities in Firebird client extension
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPFILTER_VALIDATE_URL accepts URLs with invalid userinfo
5.3
First published (updated )
Canonical Ubuntu LinuxPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
Canonical Ubuntu LinuxWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
Chadhaajay PhpkbAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part …
7.5
First published (updated )
PHP PHPUse of freed hash key in the phar_parse_zipfile function
4.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPTemporary files are not cleaned after OOM when parsing HTTP request data
7.5
First published (updated )
PHP PHPget_headers() silently truncates after a null byte
5.3
First published (updated )
Canonical Ubuntu Linuxmb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
8.8
First published (updated )
Canonical Ubuntu LinuxUse-of-uninitialized-value in exif
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
FreeBSD FreeBSDregcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion…
7.8
First published (updated )
Canonical Ubuntu LinuxNull Pointer Dereference in PHP Session Upload Progress
7.5
First published (updated )
PHP PHPglobal buffer-overflow in mbfl_filt_conv_big5_wchar
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.