Total
706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5116 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2018-10-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name. | |||||
| CVE-2016-4342 | 2 Opensuse, Php | 2 Leap, Php | 2018-10-30 | 8.3 HIGH | 8.8 HIGH |
| ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive. | |||||
| CVE-2015-8874 | 2 Opensuse, Php | 2 Leap, Php | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. | |||||
| CVE-2011-1469 | 1 Php | 1 Php | 2018-10-30 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper. | |||||
| CVE-2011-2202 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." | |||||
| CVE-2009-2626 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. | |||||
| CVE-2009-3557 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments. | |||||
| CVE-2011-1466 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function. | |||||
| CVE-2009-5016 | 1 Php | 1 Php | 2018-10-30 | 6.8 MEDIUM | N/A |
| Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870. | |||||
| CVE-2011-1092 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function. | |||||
| CVE-2008-4107 | 1 Php | 1 Php | 2018-10-30 | 5.1 MEDIUM | N/A |
| The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. | |||||
| CVE-2009-4143 | 1 Php | 1 Php | 2018-10-30 | 10.0 HIGH | N/A |
| PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. | |||||
| CVE-2009-3292 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | |||||
| CVE-2006-7243 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | |||||
| CVE-2008-7068 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file. | |||||
| CVE-2011-1464 | 1 Php | 1 Php | 2018-10-30 | 4.3 MEDIUM | N/A |
| Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument. | |||||
| CVE-2008-5814 | 1 Php | 1 Php | 2018-10-30 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. | |||||
| CVE-2011-0754 | 2 Microsoft, Php | 2 Windows, Php | 2018-10-30 | 4.4 MEDIUM | N/A |
| The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | |||||
| CVE-2007-0908 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable. | |||||
| CVE-2010-4697 | 1 Php | 1 Php | 2018-10-30 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference. | |||||