Filter
AND
Software
debian/php7.4Leak partial content of the heap through heap buffer over-read in mysqlnd
5.8
EPSS
0.04%
First published (updated )
Php-fpm Php-fpmErroneous parsing of multipart form data
5.3
EPSS
0.05%
First published (updated )
PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)
5.3
EPSS
0.08%
First published (updated )
redhat/phpPHP function password_verify can erroneously return true when argument contains NUL
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
6.5
First published (updated )
ubuntu/php8.1Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
4.3
First published (updated )
PHPPotential buffer overflow in php_cli_server_startup_workers
6.2
First published (updated )
PHP$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
6.5
First published (updated )
PHPphar wrapper can occur dos when using quine gzip file
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPSpecial characters break path parsing in XML functions
5.3
First published (updated )
PHPZipArchive::extractTo may extract outside of destination dir
6.5
First published (updated )
PHPMultiple vulnerabilities in Firebird client extension
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHPFILTER_VALIDATE_URL accepts URLs with invalid userinfo
5.3
First published (updated )
Canonical Ubuntu LinuxPHP parses encoded cookie names so malicious `__Host-` cookies can be sent
5.3
First published (updated )
Canonical Ubuntu LinuxWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV
6.5
First published (updated )
PHPUse of freed hash key in the phar_parse_zipfile function
4.8
First published (updated )
PHPget_headers() silently truncates after a null byte
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxUse-of-uninitialized-value in exif
6.5
First published (updated )
PHPThe pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorre…
5.5
First published (updated )
PHPFiles added to tar with Phar::buildFromIterator have all-access permissions
5.5
First published (updated )
Canonical Ubuntu LinuxHeap-buffer-overflow READ in exif
6.5
First published (updated )
Canonical Ubuntu LinuxBuffer underflow in bc_shift_addsub
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Canonical Ubuntu LinuxDirectoryIterator class silently truncates after a null byte
5.9
First published (updated )
Canonical Ubuntu LinuxUse-after-free in exif parsing under memory sanitizer
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.