Filtered by vendor Php
Subscribe
Total
764 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0831 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
| PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. | |||||
| CVE-2011-0421 | 1 Php | 1 Php | 2025-04-11 | 4.3 MEDIUM | N/A |
| The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. | |||||
| CVE-2014-1943 | 4 Canonical, Debian, Fine Free File Project and 1 more | 4 Ubuntu Linux, Debian Linux, Fine Free File and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. | |||||
| CVE-2010-4409 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument. | |||||
| CVE-2011-4153 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c. | |||||
| CVE-2010-3064 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function. | |||||
| CVE-2011-4718 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. | |||||
| CVE-2012-2311 | 1 Php | 1 Php | 2025-04-11 | 7.5 HIGH | N/A |
| sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. | |||||
| CVE-2012-1171 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. | |||||
| CVE-2013-6420 | 3 Apple, Opensuse, Php | 3 Mac Os X, Opensuse, Php | 2025-04-11 | 7.5 HIGH | N/A |
| The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function. | |||||
| CVE-2010-1128 | 1 Php | 1 Php | 2025-04-11 | 6.4 MEDIUM | N/A |
| The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function. | |||||
| CVE-2012-2336 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. | |||||
| CVE-2010-4700 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
| The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions. | |||||
| CVE-2010-1860 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature. | |||||
| CVE-2010-1915 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory. | |||||
| CVE-2012-0057 | 1 Php | 1 Php | 2025-04-11 | 6.4 MEDIUM | N/A |
| PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. | |||||
| CVE-2011-1468 | 1 Php | 1 Php | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function. | |||||
| CVE-2011-1469 | 1 Php | 1 Php | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper. | |||||
| CVE-2010-3063 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used. | |||||
| CVE-2010-4150 | 1 Php | 1 Php | 2025-04-11 | 5.0 MEDIUM | N/A |
| Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | |||||