Software
Php-fpm Php-fpmPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
Php-fpm Php-fpmcgi.force_redirect configuration is bypassable due to the environment variable collision
PHP PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)
PHP PHPPHP mb_encode_mimeheader runs endlessly for some inputs
PHP PHPSecurity issue with external entity loading in XML without enabling it
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPpassword_verify() always returns true for some invalid hashes
PHP PHPDoS vulnerability when parsing multipart request body
PHP PHPOOB read due to insufficient input validation in imageloadfont()
PHP PHPFreeing unallocated memory in php_pgsql_free_params()
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPPHP-FPM memory access in root process leading to privilege escalation
Fedoraproject FedoraIn Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a diff…
Fedoraproject FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability
Chadhaajay PhpkbAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part …
PHP PHPTemporary files are not cleaned after OOM when parsing HTTP request data
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu Linuxmb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
FreeBSD FreeBSDregcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion…
Canonical Ubuntu LinuxNull Pointer Dereference in PHP Session Upload Progress
PHP PHPThe compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorr…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPlink() silently truncates after a null byte on Windows
Canonical Ubuntu Linuxheap-buffer-overflow on exif_scan_thumbnail in EXIF extension
Canonical Ubuntu Linuxheap-buffer-overflow on exif_process_user_comment in EXIF extension
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/php-pearPotential RCE if filename starts with phar://
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPFixed bug (imap_open allows to run arbitrary shell commands via mailbox parameter). (CVE-2018-19518…
PHP PHPext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of serv…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.