Filter
AND
PHPOOB read due to insufficient input validation in imageloadfont()
7.1
First published (updated )
PHPSpecial characters break path parsing in XML functions
5.3
First published (updated )
UbuntuPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
UbuntuWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPget_headers() silently truncates after a null byte
5.3
First published (updated )
Ubuntumb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
8.8
First published (updated )
UbuntuNull Pointer Dereference in PHP Session Upload Progress
7.5
First published (updated )
PHPglobal buffer-overflow in mbfl_filt_conv_big5_wchar
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPFiles added to tar with Phar::buildFromIterator have all-access permissions
5.5
First published (updated )
PHPInteger Overflow, Buffer Overflow, SQL Injection
9.8
First published (updated )
PHPPotential buffer overflow in php_cli_server_startup_workers
6.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPPHP-FPM memory access in root process leading to privilege escalation
7.8
First published (updated )
PHPlink() silently truncates after a null byte on Windows
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPMultiple vulnerabilities in Firebird client extension
5.9
First published (updated )
PHPUse of freed hash key in the phar_parse_zipfile function
4.8
First published (updated )
PHPZipArchive::extractTo may extract outside of destination dir
6.5
First published (updated )
PHPmail() may release string with refcount==1 twice
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Ubuntu LinuxDirectoryIterator class silently truncates after a null byte
5.9
First published (updated )
PHPTemporary files are not cleaned after OOM when parsing HTTP request data
7.5
First published (updated )
Ubuntu LinuxUse-after-free in exif parsing under memory sanitizer
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.