ReportizFlow
Filtered by vendor Php
Subscriptions
Filtered by product Php
Subscriptions
Total
730 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-2331 | 5 Debian, Fedoraproject, Nih and 2 more | 5 Debian Linux, Fedora, Libzip and 2 more | 2025-04-12 | N/A |
| Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. | ||||
| CVE-2016-1904 | 1 Php | 1 Php | 2025-04-12 | N/A |
| Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow. | ||||
| CVE-2015-2787 | 4 Apple, Opensuse, Php and 1 more | 11 Mac Os X, Opensuse, Php and 8 more | 2025-04-12 | N/A |
| Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231. | ||||
| CVE-2016-3074 | 7 Canonical, Debian, Fedoraproject and 4 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2025-04-12 | 9.8 Critical |
| Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-4342 | 3 Opensuse, Php, Redhat | 3 Leap, Php, Rhel Software Collections | 2025-04-12 | N/A |
| ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive. | ||||
| CVE-2016-4343 | 3 Opensuse, Php, Redhat | 3 Opensuse, Php, Rhel Software Collections | 2025-04-12 | 8.8 High |
| The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive. | ||||
| CVE-2015-6834 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-12 | N/A |
| Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization. | ||||
| CVE-2016-6174 | 2 Invisioncommunity, Php | 2 Invision Power Board, Php | 2025-04-12 | N/A |
| applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter. | ||||
| CVE-2014-9912 | 1 Php | 1 Php | 2025-04-12 | N/A |
| The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. | ||||
| CVE-2016-7411 | 1 Php | 1 Php | 2025-04-12 | N/A |
| ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object. | ||||
| CVE-2014-2270 | 6 Canonical, Debian, File Project and 3 more | 7 Ubuntu Linux, Debian Linux, File and 4 more | 2025-04-12 | N/A |
| softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. | ||||
| CVE-2016-9934 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2025-04-12 | N/A |
| ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string. | ||||
| CVE-2014-0236 | 1 Php | 1 Php | 2025-04-12 | N/A |
| file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c. | ||||
| CVE-2015-4022 | 3 Apple, Php, Redhat | 10 Mac Os X, Php, Enterprise Linux and 7 more | 2025-04-12 | N/A |
| Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. | ||||
| CVE-2013-6501 | 2 Php, Suse | 2 Php, Linux Enterprise Server | 2025-04-12 | N/A |
| The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c. | ||||
| CVE-2016-9933 | 3 Libgd, Php, Redhat | 3 Libgd, Php, Rhel Software Collections | 2025-04-12 | N/A |
| Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. | ||||
| CVE-2015-4147 | 3 Apple, Php, Redhat | 10 Mac Os X, Php, Enterprise Linux and 7 more | 2025-04-12 | N/A |
| The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue. | ||||
| CVE-2015-4148 | 3 Apple, Php, Redhat | 10 Mac Os X, Php, Enterprise Linux and 7 more | 2025-04-12 | N/A |
| The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue. | ||||
| CVE-2015-4643 | 4 Debian, Oracle, Php and 1 more | 11 Debian Linux, Linux, Php and 8 more | 2025-04-12 | N/A |
| Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022. | ||||
| CVE-2014-9652 | 3 File Project, Php, Redhat | 4 File, Php, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. | ||||