Recently modified high severity vulnerabilities for vendor "php"

Ubuntu PHP-FPMcgi.force_redirect configuration is bypassable due to the environment variable collision

high

7.5

EPSS

0.08%

First published (updated )

CVE-2024-8927

PHPDoS vulnerability when parsing multipart request body

high

7.5

First published (updated )

CVE-2023-0662

PHPArray overrun in common path resolve code

high

8.1

First published (updated )

CVE-2023-0568

Red Hat FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

high

7.8

Exploited

First published (updated )

CVE-2020-28949

PHPPHP mb_encode_mimeheader runs endlessly for some inputs

high

7.5

First published (updated )

CVE-2024-2757

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

PHPSecurity issue with external entity loading in XML without enabling it

high

8.6

First published (updated )

CVE-2023-3823

redhat/rh-php73-phpLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-19246

Red Hat FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability

high

7.5

Exploited

First published (updated )

CVE-2020-36193

PHPInput Validation

high

7.5

First published (updated )

CVE-2013-3735

PHPpassword_verify() always returns true for some invalid hashes

high

8.1

First published (updated )

CVE-2023-0567

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

high

7.2

First published (updated )

CVE-2024-11234

PHPSingle byte overread with convert.quoted-printable-decode filter

high

8.2

First published (updated )

CVE-2024-11233

PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

high

8.8

EPSS

0.44%

First published (updated )

CVE-2024-5585

PHPOOB read due to insufficient input validation in imageloadfont()

high

7.1

First published (updated )

CVE-2022-31630

Ubuntumb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full

high

8.8

First published (updated )

CVE-2020-7065

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

UbuntuNull Pointer Dereference in PHP Session Upload Progress

high

7.5

First published (updated )

CVE-2020-7062

PHPBuffer Overflow

high

8.1

First published (updated )

CVE-2019-9675

UbuntuLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-9640

UbuntuLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-9638

UbuntuLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-9637

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

UbuntuLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-9639

PHPLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2019-9024

PHPBuffer Overflow

high

7.5

First published (updated )

CVE-2019-9022

PHPBuffer Overflow

high

8.8

First published (updated )

CVE-2019-6977

redhat/phpBuffer Overflow

high

7.5

First published (updated )

CVE-2018-20783

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

PHPInteger Overflow

high

7.5

First published (updated )

CVE-2018-14883

PHPLast updated 24 July 2024

high

7.5

First published (updated )

CVE-2018-10546

PHPBuffer Overflow

high

8.8

First published (updated )

CVE-2018-10549

PHPNull Pointer Dereference

high

7.5

First published (updated )

CVE-2018-10548

PHPNull Pointer Dereference

high

7.5

First published (updated )

CVE-2017-9229

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Trending

Software

Ubuntu PHP-FPMcgi.force_redirect configuration is bypassable due to the environment variable collision

PHPDoS vulnerability when parsing multipart request body

PHPArray overrun in common path resolve code

Red Hat FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

PHPPHP mb_encode_mimeheader runs endlessly for some inputs

Never miss a vulnerability like this again

PHPSecurity issue with external entity loading in XML without enabling it

redhat/rh-php73-phpLast updated 24 July 2024

Red Hat FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability

PHPInput Validation

PHPpassword_verify() always returns true for some invalid hashes

Never miss a vulnerability like this again

PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

PHPSingle byte overread with convert.quoted-printable-decode filter

PHPCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

PHPOOB read due to insufficient input validation in imageloadfont()

Ubuntumb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full

Never miss a vulnerability like this again

UbuntuNull Pointer Dereference in PHP Session Upload Progress

PHPBuffer Overflow

UbuntuLast updated 24 July 2024

UbuntuLast updated 24 July 2024

UbuntuLast updated 24 July 2024

Never miss a vulnerability like this again

UbuntuLast updated 24 July 2024

PHPLast updated 24 July 2024

PHPBuffer Overflow

PHPBuffer Overflow

redhat/phpBuffer Overflow

Never miss a vulnerability like this again

PHPInteger Overflow

PHPLast updated 24 July 2024

PHPBuffer Overflow

PHPNull Pointer Dereference

PHPNull Pointer Dereference

Never miss a vulnerability like this again

Company

Resources

Contact