VYPR

Vendor CVEs

PHP

All CVEs

763 total · sorted by risk
  • CVE-2014-9912CriJan 4, 2017
    risk 0.64cvss 9.8epss 0.05

    The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer…

  • CVE-2016-7568CriSep 28, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via…

  • CVE-2016-7417CriSep 17, 2016
    risk 0.64cvss 9.8epss 0.07

    ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.

  • CVE-2016-7414CriSep 17, 2016
    risk 0.64cvss 9.8epss 0.07

    The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other…

  • CVE-2016-7413CriSep 17, 2016
    risk 0.64cvss 9.8epss 0.07

    Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a…

  • CVE-2016-7411CriSep 17, 2016
    risk 0.64cvss 9.8epss 0.06

    ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially…

  • CVE-2016-7134CriSep 12, 2016
    risk 0.64cvss 9.8epss 0.05

    ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is…

  • CVE-2016-7129CriSep 12, 2016
    risk 0.64cvss 9.8epss 0.07

    The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a…

  • CVE-2016-7127CriSep 12, 2016
    risk 0.64cvss 9.8epss 0.07

    The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different…

  • CVE-2016-7126CriSep 12, 2016
    risk 0.64cvss 9.8epss 0.09

    The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have…

  • CVE-2016-5773CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.09

    php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free…

  • CVE-2016-5772CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.10

    Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted…

  • CVE-2016-5770CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.07

    Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue…

  • CVE-2016-5769CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.08

    Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a…

  • CVE-2016-5768CriAug 7, 2016
    risk 0.64cvss 9.8epss 0.10

    Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash)…

  • CVE-2016-6296CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.06

    Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have…

  • CVE-2016-6295CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.05

    ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have…

  • CVE-2016-6294CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.06

    The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service…

  • CVE-2016-6291CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.06

    The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process…

  • CVE-2016-6290CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.05

    ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors…

  • CVE-2016-6288CriJul 25, 2016
    risk 0.64cvss 9.8epss 0.05

    The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.

  • CVE-2016-4544CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.07

    The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact…

  • CVE-2016-4542CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other…

  • CVE-2016-4541CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.

  • CVE-2016-4540CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.

  • CVE-2016-4539CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in…

  • CVE-2016-4538CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a…

  • CVE-2016-4537CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

  • CVE-2016-4346CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.06

    Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.

  • CVE-2016-4345CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.

  • CVE-2016-4344CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.05

    Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow.

  • CVE-2015-8880CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.03

    Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error.

  • CVE-2015-8876CriMay 22, 2016
    risk 0.64cvss 9.8epss 0.08

    Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method…

  • CVE-2016-4073CriMay 20, 2016
    risk 0.64cvss 9.8epss 0.07

    Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted…

  • CVE-2016-4072CriMay 20, 2016
    risk 0.64cvss 9.8epss 0.06

    The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c.

  • CVE-2015-8835CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.06

    The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application…

  • CVE-2015-5589CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.06

    The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly…

  • CVE-2015-4642CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.06

    The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the…

  • CVE-2015-4601CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.08

    PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a…

  • CVE-2015-4116CriMay 16, 2016
    risk 0.64cvss 9.8epss 0.05

    Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.

  • CVE-2016-1283CriJan 3, 2016
    risk 0.64cvss 9.8epss 0.08

    The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote…

  • CVE-2015-8394CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.05

    PCRE before 8.38 mishandles the (?() and (?(R) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object…

  • CVE-2015-8391CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.06

    The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript…

  • CVE-2015-8390CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.05

    PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp…

  • CVE-2015-8389CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.04

    PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object…

  • CVE-2015-8386CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.07

    PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a…

  • CVE-2015-8383CriDec 2, 2015
    risk 0.64cvss 9.8epss 0.06

    PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by…

  • CVE-2008-2108CriMay 7, 2008
    risk 0.64cvss 9.8epss 0.04

    The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force…

  • CVE-2015-8866CriMay 22, 2016
    risk 0.63cvss 9.6epss 0.04

    ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE)…

  • CVE-2023-3824CriAug 11, 2023
    risk 0.62cvss 9.4epss 0.08

    In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.

Page 2 of 16