VYPR

PHP

by PHP

Source repositories

CVEs (730)

  • CVE-2018-10548HigApr 29, 2018
    risk 0.49cvss 7.5epss 0.09

    An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn…

  • CVE-2016-10712HigFeb 9, 2018
    risk 0.49cvss 7.5epss 0.02

    In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles…

  • CVE-2017-12934HigAug 18, 2017
    risk 0.49cvss 7.5epss 0.04

    ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of this issue can have an unspecified impact on the…

  • CVE-2017-11145HigJul 10, 2017
    risk 0.49cvss 7.5epss 0.05

    In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds…

  • CVE-2017-11144HigJul 10, 2017
    risk 0.49cvss 7.5epss 0.06

    In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number…

  • CVE-2017-11143HigJul 10, 2017
    risk 0.49cvss 7.5epss 0.07

    In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.

  • CVE-2017-11142HigJul 10, 2017
    risk 0.49cvss 7.5epss 0.08

    In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.

  • CVE-2016-10397HigJul 10, 2017
    risk 0.49cvss 7.5epss 0.02

    In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/…

  • CVE-2017-9229HigMay 24, 2017
    risk 0.49cvss 7.5epss 0.05

    An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result…

  • CVE-2017-7963HigApr 19, 2017
    risk 0.49cvss 7.5epss 0.02

    The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here,…

  • CVE-2017-6441HigApr 3, 2017
    risk 0.49cvss 7.5epss 0.02

    The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a…

  • CVE-2015-8994HigMar 2, 2017
    risk 0.49cvss 7.5epss 0.03

    An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The…

  • CVE-2016-9934HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.07

    ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.

  • CVE-2016-9933HigJan 4, 2017
    risk 0.49cvss 7.5epss 0.07

    Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted…

  • CVE-2016-7416HigSep 17, 2016
    risk 0.49cvss 7.5epss 0.07

    ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have…

  • CVE-2016-7132HigSep 12, 2016
    risk 0.49cvss 7.5epss 0.09

    ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a…

  • CVE-2016-7131HigSep 12, 2016
    risk 0.49cvss 7.5epss 0.09

    ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a…

  • CVE-2016-7130HigSep 12, 2016
    risk 0.49cvss 7.5epss 0.07

    The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as…

  • CVE-2016-7125HigSep 12, 2016
    risk 0.49cvss 7.5epss 0.06

    ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.

  • CVE-2016-6128HigAug 7, 2016
    risk 0.49cvss 7.5epss 0.07

    The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.

Page 9 of 37