Filter
AND
-Infinity
0

PHPStream HTTP wrapper header check might omit basic auth header

First published (updated )

PHPStreams HTTP wrapper does not fail for headers with invalid name and no colon

First published (updated )

PHPlibxml streams use wrong content-type header when requesting a redirected resource

First published (updated )

PHPStream HTTP wrapper truncates redirect location to 1024 bytes

First published (updated )

PHPHeader parser of http stream wrapper does not handle folded headers

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPGurukul Land Record SystemSQL Injection

EPSS
0.08%
First published (updated )

PHPLeak partial content of the heap through heap buffer over-read in mysqlnd

EPSS
0.04%
First published (updated )

Ubuntu PHP-FPMErroneous parsing of multipart form data

EPSS
0.05%
First published (updated )

PHPPHP is vulnerable to the Marvin Attack

First published (updated )

PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)

EPSS
0.08%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/phpPHP function password_verify can erroneously return true when argument contains NUL

First published (updated )

redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

First published (updated )

ubuntu/php8.1Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

First published (updated )

PHPPotential buffer overflow in php_cli_server_startup_workers

First published (updated )

PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution functio…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in…

First published (updated )

PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

First published (updated )

PHPphar wrapper can occur dos when using quine gzip file

First published (updated )

PHPSpecial characters break path parsing in XML functions

First published (updated )

PHPZipArchive::extractTo may extract outside of destination dir

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPIncorrect URL validation in FILTER_VALIDATE_URL

First published (updated )

PHPMultiple vulnerabilities in Firebird client extension

First published (updated )

XMB ForumXSS

First published (updated )

PHPFILTER_VALIDATE_URL accepts URLs with invalid userinfo

First published (updated )

UbuntuPHP parses encoded cookie names so malicious `__Host-` cookies can be sent

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

UbuntuWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

First published (updated )

PHPUse of freed hash key in the phar_parse_zipfile function

First published (updated )

PHPget_headers() silently truncates after a null byte

First published (updated )

PHPNull Pointer Dereference

First published (updated )

UbuntuUse-of-uninitialized-value in exif

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203