Filtered by vendor Php Subscriptions
Filtered by product Php Subscriptions
Total 727 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-31631 3 Php, Redhat, Sqlite 3 Php, Enterprise Linux, Sqlite 2025-07-03 9.1 Critical
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.
CVE-2025-1861 3 Netapp, Php, Redhat 3 Ontap, Php, Enterprise Linux 2025-07-02 9.8 Critical
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
CVE-2025-1736 3 Netapp, Php, Redhat 3 Ontap, Php, Enterprise Linux 2025-07-02 7.3 High
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted.
CVE-2025-1734 3 Netapp, Php, Redhat 3 Ontap, Php, Enterprise Linux 2025-07-02 5.3 Medium
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers.
CVE-2024-8929 3 Php, Php Group, Redhat 3 Php, Php, Enterprise Linux 2025-07-02 5.8 Medium
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.
CVE-2024-8932 3 Netapp, Php, Php Group 3 Ontap, Php, Php 2025-07-02 9.8 Critical
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
CVE-2024-3566 7 Golang, Haskell, Microsoft and 4 more 7 Go, Process Library, Windows and 4 more 2025-06-25 9.8 Critical
A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
CVE-2024-1874 3 Fedoraproject, Php, Php Group 3 Fedora, Php, Php 2025-06-19 9.4 Critical
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
CVE-2024-2757 1 Php 1 Php 2025-06-19 7.5 High
In PHP 8.3.* before 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.
CVE-2024-3096 3 Debian, Php, Redhat 3 Debian Linux, Php, Enterprise Linux 2025-06-19 6.5 Medium
In PHP  version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true.
CVE-2025-1219 2 Php, Redhat 2 Php, Enterprise Linux 2025-05-23 5.3 Medium
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the charset when the requested resource performs a redirect. This may cause the resulting document to be parsed incorrectly or bypass validations.
CVE-2025-1217 2 Php, Redhat 2 Php, Enterprise Linux 2025-05-23 3.1 Low
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.
CVE-2022-31628 4 Debian, Fedoraproject, Php and 1 more 4 Debian Linux, Fedora, Php and 1 more 2025-05-20 2.3 Low
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2022-37454 9 Debian, Extended Keccak Code Package Project, Fedoraproject and 6 more 9 Debian Linux, Extended Keccak Code Package, Fedora and 6 more 2025-05-08 9.8 Critical
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
CVE-2024-11235 2 Php, Redhat 2 Php, Enterprise Linux 2025-04-30 8.1 High
In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=  operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution.
CVE-2024-8926 2 Php, Php-fpm 2 Php, Php-fpm 2025-04-25 8.1 High
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for  CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3  may still be bypassed and the same command injection related to Windows "Best Fit" codepage behavior can be achieved. This may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
CVE-2017-11142 1 Php 1 Php 2025-04-20 N/A
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
CVE-2017-12933 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-20 N/A
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
CVE-2017-11628 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-20 N/A
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives.
CVE-2017-11362 2 Php, Redhat 2 Php, Rhel Software Collections 2025-04-20 N/A
In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function.