Filter
AND

PHPBuffer overflow and overread in phar_dir_read()

critical
9.8
First published (updated )
CVE-2023-3824

PHPSecurity issue with external entity loading in XML without enabling it

high
8.6
First published (updated )
CVE-2023-3823

PHPDoS vulnerability when parsing multipart request body

high
7.5
First published (updated )
CVE-2023-0662

PHPArray overrun in common path resolve code

high
8.1
First published (updated )
CVE-2023-0568

PHPPHP-CGI OS Command Injection Vulnerability

critical
9.8
Exploited
EPSS
96.68%
First published (updated )
CVE-2024-4577

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)

medium
5.3
EPSS
0.08%
First published (updated )
CVE-2024-5458

PHPpassword_verify() always returns true for some invalid hashes

high
8.1
First published (updated )
CVE-2023-0567

ubuntu/php8.1Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

medium
4.3
First published (updated )
CVE-2023-3247

PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

high
7.2
First published (updated )
CVE-2024-11234

PHPInteger overflow in the firebird and dblib quoters causing OOB writes

critical
9.8
First published (updated )
CVE-2024-11236

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPSingle byte overread with convert.quoted-printable-decode filter

high
8.2
First published (updated )
CVE-2024-11233

PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

high
8.8
EPSS
0.44%
First published (updated )
CVE-2024-5585

PHPInteger Overflow, Buffer Overflow

critical
9.8
First published (updated )
CVE-2022-37454

PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

medium
6.5
First published (updated )
CVE-2022-31629

PHPOOB read due to insufficient input validation in imageloadfont()

high
7.1
First published (updated )
CVE-2022-31630

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPphar wrapper can occur dos when using quine gzip file

medium
5.5
First published (updated )
CVE-2022-31628

PHPLast updated 24 July 2024

high
7.5
First published (updated )
CVE-2017-9118

PHPPotential buffer overflow in php_cli_server_startup_workers

medium
6.2
First published (updated )
CVE-2022-4900

PHPmysqlnd/pdo password buffer overflow

high
8.8
First published (updated )
CVE-2022-31626

PHPHeap buffer overflow in finfo_buffer

critical
9.8
First published (updated )
CVE-2022-31627

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPUAF due to php_filter_float() failing

critical
9.8
First published (updated )
CVE-2021-21708

PHPFreeing unallocated memory in php_pgsql_free_params()

high
8.1
First published (updated )
CVE-2022-31625

PHPPHP is vulnerable to the Marvin Attack

medium
5.9
First published (updated )
CVE-2024-2408

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203