Filtered by vendor Php
Subscribe
Total
744 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1286 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter. | |||||
| CVE-2007-3998 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set. | |||||
| CVE-2009-3546 | 2 Libgd, Php | 2 Gd Graphics Library, Php | 2025-04-09 | 9.3 HIGH | N/A |
| The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4782 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*[1]e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | |||||
| CVE-2007-4255 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function. | |||||
| CVE-2009-2626 | 1 Php | 1 Php | 2025-04-09 | 6.4 MEDIUM | N/A |
| The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. | |||||
| CVE-2007-1285 | 5 Canonical, Novell, Php and 2 more | 7 Ubuntu Linux, Suse Linux, Php and 4 more | 2025-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. | |||||
| CVE-2007-2844 | 1 Php | 1 Php | 2025-04-09 | 9.3 HIGH | N/A |
| PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access. | |||||
| CVE-2008-5557 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions. | |||||
| CVE-2007-4663 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | |||||
| CVE-2008-2666 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. | |||||
| CVE-2007-0448 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI. | |||||
| CVE-2009-4017 | 3 Apple, Debian, Php | 3 Mac Os X, Debian Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. | |||||
| CVE-2008-5814 | 1 Php | 1 Php | 2025-04-09 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. | |||||
| CVE-2008-2050 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors. | |||||
| CVE-2008-3658 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2007-2728 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue. | |||||
| CVE-2007-5447 | 2 Ioncube, Php | 2 Php Encoder, Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function. | |||||
| CVE-2008-2665 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remote attackers to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after the safe_mode check has successfully run. | |||||
| CVE-2007-1399 | 2 Pecl Zip, Php | 2 1.8.3, Php | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback. | |||||