PHP PHPLeak partial content of the heap through heap buffer over-read in mysqlnd

EPSS
0.04%
First published (updated )

PHP PHPOOB access in ldap_escape

EPSS
0.04%
First published (updated )

PHP PHPInteger overflow in the firebird and dblib quoters causing OOB writes

First published (updated )

PHP PHPSingle byte overread with convert.quoted-printable-decode filter

8.2
First published (updated )

PHP PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Php-fpm Php-fpmPHP-FPM logs from children may be altered

3.3
EPSS
0.04%
First published (updated )

Php-fpm Php-fpmPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

8.8
EPSS
0.05%
First published (updated )

Php-fpm Php-fpmErroneous parsing of multipart form data

EPSS
0.05%
First published (updated )

Php-fpm Php-fpmcgi.force_redirect configuration is bypassable due to the environment variable collision

7.5
EPSS
0.08%
First published (updated )

PHP PHPPHP is vulnerable to the Marvin Attack

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHP PHPPHP-CGI OS Command Injection Vulnerability

EPSS
96.68%
First published (updated )

PHP PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)

EPSS
0.08%
First published (updated )

PHP PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

8.8
EPSS
0.44%
First published (updated )

PHP PHPCommand injection via array-ish $command parameter of proc_open()

First published (updated )

redhat/phpPHP function password_verify can erroneously return true when argument contains NUL

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

First published (updated )

PHP PHPPHP mb_encode_mimeheader runs endlessly for some inputs

7.5
First published (updated )

PHP PHPBuffer overflow and overread in phar_dir_read()

First published (updated )

PHP PHPSecurity issue with external entity loading in XML without enabling it

8.6
First published (updated )

PHP PHPMissing error check and insufficient random bytes in HTTP Digest authentication for SOAP

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHP PHPPotential buffer overflow in php_cli_server_startup_workers

First published (updated )

PHP PHPpassword_verify() always returns true for some invalid hashes

8.1
First published (updated )

PHP PHPArray overrun in common path resolve code

8.1
First published (updated )

PHP PHPDoS vulnerability when parsing multipart request body

7.5
First published (updated )

PHP PHPSQL Injection, Integer Overflow

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHP PHPOOB read due to insufficient input validation in imageloadfont()

7.1
First published (updated )

PHP PHPInteger Overflow, Buffer Overflow

First published (updated )

PHP PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

First published (updated )

PHP PHPphar wrapper can occur dos when using quine gzip file

First published (updated )

PHP PHPHeap buffer overflow in finfo_buffer

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203