Filter
AND
Software
PHP PHPSingle byte overread with convert.quoted-printable-decode filter
8.2
First published (updated )
PHP PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs
7.2
First published (updated )
Php-fpm Php-fpmPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
8.8
EPSS
0.05%
First published (updated )
Php-fpm Php-fpmcgi.force_redirect configuration is bypassable due to the environment variable collision
7.5
EPSS
0.08%
First published (updated )
PHP PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)
8.8
EPSS
0.44%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPPHP mb_encode_mimeheader runs endlessly for some inputs
7.5
First published (updated )
PHP PHPSecurity issue with external entity loading in XML without enabling it
8.6
First published (updated )
PHP PHPpassword_verify() always returns true for some invalid hashes
8.1
First published (updated )
PHP PHPDoS vulnerability when parsing multipart request body
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPOOB read due to insufficient input validation in imageloadfont()
7.1
First published (updated )
PHP PHPFreeing unallocated memory in php_pgsql_free_params()
8.1
First published (updated )
PHP PHPPHP-FPM memory access in root process leading to privilege escalation
7.8
First published (updated )
Fedoraproject FedoraIn Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a diff…
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability
First published (updated )
Fedoraproject FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
First published (updated )
Chadhaajay PhpkbAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPTemporary files are not cleaned after OOM when parsing HTTP request data
7.5
First published (updated )
Canonical Ubuntu Linuxmb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
8.8
First published (updated )
FreeBSD FreeBSDregcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion…
7.8
First published (updated )
Canonical Ubuntu LinuxNull Pointer Dereference in PHP Session Upload Progress
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPThe compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorr…
7.8
First published (updated )
PHP PHPlink() silently truncates after a null byte on Windows
7.5
First published (updated )
Canonical Ubuntu Linuxheap-buffer-overflow on exif_scan_thumbnail in EXIF extension
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.