Vulnerabilities (CVE)

Filtered by vendor Php Subscribe
Filtered by product Php
Total 673 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3515 2 Debian, Php 2 Debian Linux, Php 2022-08-05 7.5 HIGH N/A
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage.
CVE-2012-2386 1 Php 1 Php 2022-08-05 7.5 HIGH N/A
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
CVE-2015-8391 5 Fedoraproject, Oracle, Pcre and 2 more 10 Fedora, Linux, Pcre and 7 more 2022-08-05 9.0 HIGH 9.8 CRITICAL
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2015-2325 4 Mariadb, Opensuse, Pcre and 1 more 4 Mariadb, Opensuse, Pcre and 1 more 2022-08-05 6.8 MEDIUM 7.8 HIGH
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.
CVE-2015-6831 2 Debian, Php 2 Debian Linux, Php 2022-08-05 7.5 HIGH 7.3 HIGH
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
CVE-2015-6527 1 Php 1 Php 2022-08-05 7.5 HIGH 7.3 HIGH
The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function.
CVE-2015-1351 3 Apple, Oracle, Php 5 Mac Os X, Linux, Secure Backup and 2 more 2022-08-04 7.5 HIGH N/A
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2014-9425 2 Apple, Php 2 Mac Os X, Php 2022-08-04 7.5 HIGH N/A
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2022-31627 1 Php 1 Php 2022-08-03 N/A 9.8 CRITICAL
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
CVE-2008-2371 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2022-08-01 7.5 HIGH N/A
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
CVE-2022-31625 1 Php 1 Php 2022-07-22 6.8 MEDIUM 9.8 CRITICAL
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
CVE-2022-31626 1 Php 1 Php 2022-07-22 6.0 MEDIUM 8.8 HIGH
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
CVE-2007-0455 5 Canonical, Fedoraproject, Gd Graphics Library Project and 2 more 7 Ubuntu Linux, Fedora, Gd Graphics Library and 4 more 2022-07-21 7.5 HIGH N/A
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
CVE-2007-1887 3 Canonical, Debian, Php 3 Ubuntu Linux, Debian Linux, Php 2022-07-21 7.5 HIGH N/A
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
CVE-2017-11147 2 Netapp, Php 2 Clustered Data Ontap, Php 2022-07-20 6.4 MEDIUM 9.1 CRITICAL
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
CVE-2016-1283 4 Fedoraproject, Oracle, Pcre and 1 more 4 Fedora, Solaris, Pcre and 1 more 2022-07-20 7.5 HIGH 9.8 CRITICAL
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2016-10160 3 Debian, Netapp, Php 3 Debian Linux, Clustered Data Ontap, Php 2022-07-20 7.5 HIGH 9.8 CRITICAL
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.
CVE-2016-3078 1 Php 1 Php 2022-07-20 7.5 HIGH 9.8 CRITICAL
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
CVE-2016-3074 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2022-07-20 7.5 HIGH 9.8 CRITICAL
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.
CVE-2016-4345 1 Php 1 Php 2022-07-20 7.5 HIGH 9.8 CRITICAL
Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.