Vulnerabilities (CVE)

Filtered by vendor Php Subscribe
Total 737 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8879 1 Php 1 Php 2024-02-28 5.0 MEDIUM 7.5 HIGH
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
CVE-2016-6174 2 Invisioncommunity, Php 2 Invision Power Board, Php 2024-02-28 6.8 MEDIUM 8.1 HIGH
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
CVE-2015-8391 5 Fedoraproject, Oracle, Pcre and 2 more 10 Fedora, Linux, Pcre and 7 more 2024-02-28 9.0 HIGH 9.8 CRITICAL
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2016-7126 1 Php 1 Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
CVE-2015-4604 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
CVE-2016-6291 1 Php 1 Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
CVE-2015-6833 1 Php 1 Php 2024-02-28 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.
CVE-2015-7774 2 Pc-egg, Php 2 Pwebmanager, Php 2024-02-28 6.5 MEDIUM N/A
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role.
CVE-2016-3132 1 Php 1 Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
CVE-2016-1904 1 Php 1 Php 2024-02-28 7.5 HIGH 7.3 HIGH
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow.
CVE-2016-6295 1 Php 1 Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
CVE-2015-8383 3 Fedoraproject, Pcre, Php 3 Fedora, Perl Compatible Regular Expression Library, Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2016-5768 1 Php 1 Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
CVE-2015-8389 3 Fedoraproject, Pcre, Php 3 Fedora, Perl Compatible Regular Expression Library, Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2016-4342 2 Opensuse, Php 2 Leap, Php 2024-02-28 8.3 HIGH 8.8 HIGH
ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive.
CVE-2016-4540 3 Fedoraproject, Opensuse, Php 3 Fedora, Leap, Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
CVE-2015-4148 3 Apple, Php, Redhat 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more 2024-02-28 5.0 MEDIUM N/A
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
CVE-2016-4346 2 Opensuse, Php 3 Leap, Opensuse, Php 2024-02-28 7.5 HIGH 9.8 CRITICAL
Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.
CVE-2016-4544 4 Debian, Fedoraproject, Opensuse and 1 more 5 Debian Linux, Fedora, Leap and 2 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVE-2015-8880 1 Php 1 Php 2024-02-28 10.0 HIGH 9.8 CRITICAL
Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error.