-Infinity
0

PHPStream HTTP wrapper header check might omit basic auth header

First published (updated )

PHPStreams HTTP wrapper does not fail for headers with invalid name and no colon

First published (updated )

PHPlibxml streams use wrong content-type header when requesting a redirected resource

First published (updated )

PHPStream HTTP wrapper truncates redirect location to 1024 bytes

First published (updated )

PHPIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* befo…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* befo…

First published (updated )

PHPIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* befo…

First published (updated )

PHPIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* befo…

First published (updated )

PHPLeak partial content of the heap through heap buffer over-read in mysqlnd

EPSS
0.04%
First published (updated )

PHPSingle byte overread with convert.quoted-printable-decode filter

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPConfiguring a proxy in a stream context might allow for CRLF injection in URIs

7.2
First published (updated )

PHPHeader parser of http stream wrapper does not handle folded headers

First published (updated )

PHPIn PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* befo…

First published (updated )

PHPIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL serve…

First published (updated )

PHPIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams wi…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPIn PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in&nb…

First published (updated )

Ubuntu PHP-FPMPHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

8.8
EPSS
0.05%
First published (updated )

MODx RevolutionPath Traversal

First published (updated )

PHPUse After Free

First published (updated )

PHPBuffer Overflow

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPFixed bug (Memory corruption when loading hostile phar). (CVE-2016-10160)

First published (updated )

PHPInfoleak

7.5
First published (updated )

PHPBuffer Overflow

7.8
First published (updated )

PHPLast updated 24 July 2024

First published (updated )

PHPNull Pointer Dereference

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPFixed bug (FPE when parsing a tag format). (CVE-2016-10158)

7.5
First published (updated )

PHPLast updated 24 July 2024

First published (updated )

PHPLast updated 24 July 2024

First published (updated )

PHPLast updated 24 July 2024

7.5
First published (updated )

PHPFixed bug (Heap out of bounds read on unserialize in finish_nested_data()). (CVE-2016-10161)

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203