-Infinity
0

PHPStream HTTP wrapper header check might omit basic auth header

First published (updated )

PHPStreams HTTP wrapper does not fail for headers with invalid name and no colon

First published (updated )

PHPlibxml streams use wrong content-type header when requesting a redirected resource

First published (updated )

PHPStream HTTP wrapper truncates redirect location to 1024 bytes

First published (updated )

PHPHeader parser of http stream wrapper does not handle folded headers

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPGurukul Land Record SystemSQL Injection

EPSS
0.08%
First published (updated )

PHPPHP-CGI OS Command Injection Vulnerability

EPSS
96.68%
First published (updated )

PHPPHP is vulnerable to the Marvin Attack

First published (updated )

PHPPotential buffer overflow in php_cli_server_startup_workers

First published (updated )

Ubuntu PHP-FPMcgi.force_redirect configuration is bypassable due to the environment variable collision

7.5
EPSS
0.08%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPDoS vulnerability when parsing multipart request body

7.5
First published (updated )

PHPArray overrun in common path resolve code

8.1
First published (updated )

Ubuntu PHP-FPMErroneous parsing of multipart form data

EPSS
0.05%
First published (updated )

PHP security leases 8.4.5, 8.3.19, 8.2.28, 8.1.32

PHPFilter bypass in filter_var (FILTER_VALIDATE_URL)

EPSS
0.08%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPUse After Free

First published (updated )

BleepingComputerCritical PHP RCE vulnerability mass exploited in new attacks

First published (updated )

Red Hat FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

First published (updated )

PHPPHP-CGI Query String Parameter Vulnerability

First published (updated )

Red Hat Enterprise Linux ServerUnderflow in PHP-FPM can lead to RCE

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/phpPHP function password_verify can erroneously return true when argument contains NUL

First published (updated )

redhat/php__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

First published (updated )

PHPPHP mb_encode_mimeheader runs endlessly for some inputs

7.5
First published (updated )

PHPCommand injection via array-ish $command parameter of proc_open()

First published (updated )

PHPBuffer overflow and overread in phar_dir_read()

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPSecurity issue with external entity loading in XML without enabling it

8.6
First published (updated )

debian/php7.4PDO::quote() may return unquoted string

First published (updated )

redhat/rh-php73-phpLast updated 24 July 2024

7.5
First published (updated )

ubuntu/libgd2Fixed bug (Potential infinite loop in gdImageCreateFromGifCtx). (CVE-2018-5711)

First published (updated )

composer/phenx/php-svg-libphp-svg-lib lacks path validation on font through SVG inline styles

EPSS
0.04%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203