Total
733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1710 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence. | |||||
| CVE-2007-0911 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash). | |||||
| CVE-2007-0910 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors. | |||||
| CVE-2007-0909 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function. | |||||
| CVE-2007-1413 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). | |||||
| CVE-2008-1384 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions). | |||||
| CVE-2007-1475 | 1 Php | 1 Php | 2025-04-09 | 5.4 MEDIUM | N/A |
| Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument. | |||||
| CVE-2004-1063 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-03 | 10.0 HIGH | N/A |
| PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | |||||
| CVE-2002-2309 | 1 Php | 1 Php | 2025-04-03 | 7.8 HIGH | N/A |
| php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments. | |||||
| CVE-2006-1608 | 1 Php | 1 Php | 2025-04-03 | 2.1 LOW | N/A |
| The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. | |||||
| CVE-2005-3392 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives. | |||||
| CVE-2003-0166 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. | |||||
| CVE-2006-2660 | 1 Php | 1 Php | 2025-04-03 | 2.1 LOW | N/A |
| Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. | |||||
| CVE-2006-4481 | 1 Php | 1 Php | 2025-04-03 | 7.2 HIGH | N/A |
| The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017. | |||||
| CVE-2005-3389 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected. | |||||
| CVE-2002-2215 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | |||||
| CVE-2004-1064 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-03 | 10.0 HIGH | N/A |
| The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | |||||
| CVE-2006-1014 | 1 Php | 1 Php | 2025-04-03 | 3.2 LOW | N/A |
| Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. | |||||
| CVE-2006-4483 | 1 Php | 1 Php | 2025-04-03 | 9.3 HIGH | N/A |
| The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache. | |||||
| CVE-2002-2214 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | |||||