VYPR

PHP

by PHP

Source repositories

CVEs (731)

  • CVE-2026-7568HigMay 10, 2026
    risk 0.42cvss 7.5epss 0.00

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647…

  • CVE-2026-7262HigMay 10, 2026
    risk 0.42cvss 7.5epss 0.01

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element.  This leads…

  • CVE-2026-7258HigMay 10, 2026
    risk 0.42cvss 7.5epss 0.00

    In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On the systems with default signed char and optimized table-lookup ctype…

  • CVE-2022-31630MedNov 14, 2022
    risk 0.42cvss 6.5epss 0.02

    In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can…

  • CVE-2020-7067HigApr 27, 2020
    risk 0.42cvss 7.5epss 0.04

    In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

  • CVE-2018-15132HigAug 7, 2018
    risk 0.42cvss 7.5epss 0.05

    An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the…

  • CVE-2018-14884HigAug 3, 2018
    risk 0.42cvss 7.5epss 0.03

    An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an…

  • CVE-2018-14883HigAug 3, 2018
    risk 0.42cvss 7.5epss 0.09

    An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

  • CVE-2016-10162HigJan 24, 2017
    risk 0.42cvss 7.5epss 0.06

    The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to…

  • CVE-2016-10159HigJan 24, 2017
    risk 0.42cvss 7.5epss 0.08

    Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.

  • CVE-2016-10158HigJan 24, 2017
    risk 0.42cvss 7.5epss 0.08

    The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable…

  • CVE-2015-8877HigMay 22, 2016
    risk 0.42cvss 7.5epss 0.04

    The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted…

  • CVE-2013-3735HigMay 31, 2013
    risk 0.42cvss 7.5epss 0.03

    The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as…

  • CVE-2015-8865HigMay 20, 2016
    risk 0.41cvss 7.3epss 0.05

    The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer…

  • CVE-2016-1904HigJan 19, 2016
    risk 0.41cvss 7.3epss 0.03

    Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based…

  • CVE-2022-4900MedNov 2, 2023
    risk 0.40cvss 6.2epss 0.00

    A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

  • CVE-2018-10547MedApr 29, 2018
    risk 0.40cvss 6.1epss 0.04

    An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists…

  • CVE-2022-31629MedSep 28, 2022
    risk 0.39cvss 6.5epss 0.49

    In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

  • CVE-2015-8878MedMay 22, 2016
    risk 0.38cvss 5.9epss 0.01

    main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file…

  • CVE-2015-8838MedMay 16, 2016
    risk 0.38cvss 5.9epss 0.02

    ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.

Page 12 of 37