Filter
-Infinity
0

Trending

Last week
Last month
Last year

debian/php7.4Leak partial content of the heap through heap buffer over-read in mysqlnd

medium
5.8
EPSS
0.04%
First published (updated )
CVE-2024-8929

debian/php7.4OOB access in ldap_escape

critical
9.8
EPSS
0.04%
First published (updated )
CVE-2024-8932

PHPInteger overflow in the firebird and dblib quoters causing OOB writes

critical
9.8
First published (updated )
CVE-2024-11236

PHPSingle byte overread with convert.quoted-printable-decode filter

high
8.2
First published (updated )
CVE-2024-11233

PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

high
7.2
First published (updated )
CVE-2024-11234

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPIn PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SA…

low
1
First published (updated )
REDHAT-BUG-2317144

Ubuntu PHP-FPMPHP-FPM logs from children may be altered

low
3.3
EPSS
0.04%
First published (updated )
CVE-2024-9026

Ubuntu PHP-FPMPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

high
8.8
EPSS
0.05%
First published (updated )
CVE-2024-8926

Ubuntu PHP-FPMErroneous parsing of multipart form data

medium
5.3
EPSS
0.05%
First published (updated )
CVE-2024-8925

Ubuntu PHP-FPMcgi.force_redirect configuration is bypassable due to the environment variable collision

high
7.5
EPSS
0.08%
First published (updated )
CVE-2024-8927

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

PHPPHP is vulnerable to the Marvin Attack

medium
5.9
First published (updated )
CVE-2024-2408

PHP security leases 8.3.8, 8.2.20, and 8.1.29

First published (updated )
https://seclists.org/oss-sec/2024/q2/273

PHPPHP-CGI OS Command Injection Vulnerability

critical
9.8
Exploited
EPSS
96.68%
First published (updated )
CVE-2024-4577

PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)

medium
5.3
EPSS
0.08%
First published (updated )
CVE-2024-5458

PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

high
8.8
EPSS
0.44%
First published (updated )
CVE-2024-5585

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

First published (updated )
https://seclists.org/oss-sec/2024/q2/260

The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

First published (updated )
https://seclists.org/oss-sec/2024/q2/258

PHPCommand injection via array-ish $command parameter of proc_open()

critical
9.4
First published (updated )
CVE-2024-1874

PHP security releases 8.1.28, 8.2.18, & 8.3.6

First published (updated )
https://seclists.org/oss-sec/2024/q2/113

redhat/phpPHP function password_verify can erroneously return true when argument contains NUL

medium
6.5
First published (updated )
CVE-2024-3096

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

medium
6.5
First published (updated )
CVE-2024-2756

PHPPHP mb_encode_mimeheader runs endlessly for some inputs

high
7.5
First published (updated )
CVE-2024-2757

composer/phenx/php-svg-libphp-svg-lib lacks path validation on font through SVG inline styles

critical
9.8
EPSS
0.04%
First published (updated )
CVE-2024-25117

PHPBuffer overflow and overread in phar_dir_read()

critical
9.8
First published (updated )
CVE-2023-3824

PHPSecurity issue with external entity loading in XML without enabling it

high
8.6
First published (updated )
CVE-2023-3823

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ubuntu/php8.1Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

medium
4.3
First published (updated )
CVE-2023-3247

PHPPotential buffer overflow in php_cli_server_startup_workers

medium
6.2
First published (updated )
CVE-2022-4900

PHP<a href="https://access.redhat.com/security/cve/CVE-2023-0567">CVE-2023-0567</a>[0]: PHP: Password_v…

low
1
First published (updated )
REDHAT-BUG-2170771

PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution functio…

medium
4
First published (updated )
REDHAT-BUG-2170770

PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in…

medium
4
First published (updated )
REDHAT-BUG-2170761

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203