Filtered by vendor Php
Subscribe
Total
727 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4601 | 2 Php, Redhat | 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2018-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600. | |||||
| CVE-2016-4072 | 2 Apple, Php | 2 Mac Os X, Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c. | |||||
| CVE-2016-5114 | 1 Php | 1 Php | 2018-01-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging. | |||||
| CVE-2014-9705 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries. | |||||
| CVE-2015-0232 | 1 Php | 1 Php | 2018-01-04 | 6.8 MEDIUM | N/A |
| The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image. | |||||
| CVE-2014-3587 | 2 Christos Zoulas, Php | 2 File, Php | 2018-01-04 | 4.3 MEDIUM | N/A |
| Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. | |||||
| CVE-2015-0273 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | N/A |
| Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function. | |||||
| CVE-2014-9767 | 2 Hiphop Virtual Machine For Php Project, Php | 2 Hiphop Virtual Machine For Php, Php | 2018-01-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. | |||||
| CVE-2013-7456 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 6.8 MEDIUM | 7.6 HIGH |
| gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. | |||||
| CVE-2012-2688 | 1 Php | 1 Php | 2017-12-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." | |||||
| CVE-2012-3365 | 1 Php | 1 Php | 2017-11-30 | 5.0 MEDIUM | N/A |
| The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. | |||||
| CVE-2015-6838 | 2 Php, Xmlsoft | 2 Php, Libxml2 | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837. | |||||
| CVE-2015-6837 | 2 Php, Xmlsoft | 2 Php, Libxml2 | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838. | |||||
| CVE-2015-5589 | 1 Php | 1 Php | 2017-11-03 | 10.0 HIGH | 9.8 CRITICAL |
| The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call. | |||||
| CVE-2015-6836 | 1 Php | 1 Php | 2017-11-03 | 7.5 HIGH | 7.3 HIGH |
| The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function. | |||||
| CVE-2016-8670 | 2 Libgd, Php | 2 Libgd, Php | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call. | |||||
| CVE-2016-9137 | 1 Php | 1 Php | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing. | |||||
| CVE-2015-6835 | 1 Php | 1 Php | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content. | |||||
| CVE-2015-6834 | 1 Php | 1 Php | 2017-11-03 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization. | |||||
| CVE-2015-6833 | 1 Php | 1 Php | 2017-11-03 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. | |||||