Filter
AND
-Infinity
0
Trending
PHPStream HTTP wrapper header check might omit basic auth header
6.3
First published (updated )
PHPStreams HTTP wrapper does not fail for headers with invalid name and no colon
6.3
First published (updated )
PHPlibxml streams use wrong content-type header when requesting a redirected resource
6.3
First published (updated )
PHPStream HTTP wrapper truncates redirect location to 1024 bytes
6.3
First published (updated )
PHPHeader parser of http stream wrapper does not handle folded headers
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPGurukul Land Record SystemSQL Injection
5.5
EPSS
0.08%
First published (updated )
PHPLeak partial content of the heap through heap buffer over-read in mysqlnd
5.8
EPSS
0.04%
First published (updated )
Ubuntu PHP-FPMErroneous parsing of multipart form data
5.3
EPSS
0.05%
First published (updated )
PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)
5.3
EPSS
0.08%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/phpPHP function password_verify can erroneously return true when argument contains NUL
6.5
First published (updated )
redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
6.5
First published (updated )
ubuntu/php8.1Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
4.3
First published (updated )
PHPPotential buffer overflow in php_cli_server_startup_workers
6.2
First published (updated )
PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution functio…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPIn PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in…
First published (updated )
PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
6.5
First published (updated )
PHPphar wrapper can occur dos when using quine gzip file
5.5
First published (updated )
PHPSpecial characters break path parsing in XML functions
5.3
First published (updated )
PHPZipArchive::extractTo may extract outside of destination dir
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPMultiple vulnerabilities in Firebird client extension
5.9
First published (updated )
PHPFILTER_VALIDATE_URL accepts URLs with invalid userinfo
5.3
First published (updated )
UbuntuPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
UbuntuWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
PHPUse of freed hash key in the phar_parse_zipfile function
4.8
First published (updated )
PHPget_headers() silently truncates after a null byte
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.