Total
730 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3292 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | |||||
| CVE-2007-1522 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an improper environment, leading to code execution when the generator is interrupted, as demonstrated by triggering a memory limit violation or certain PHP errors. | |||||
| CVE-2007-1583 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation. | |||||
| CVE-2007-4663 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | |||||
| CVE-2007-1461 | 1 Php | 1 Php | 2025-04-09 | 7.8 HIGH | N/A |
| The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories. | |||||
| CVE-2008-2108 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-09 | 7.5 HIGH | 9.8 CRITICAL |
| The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions. | |||||
| CVE-2009-3293 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index." | |||||
| CVE-2009-3546 | 2 Libgd, Php | 2 Gd Graphics Library, Php | 2025-04-09 | 9.3 HIGH | N/A |
| The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-1460 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories. | |||||
| CVE-2009-4418 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences. | |||||
| CVE-2007-1581 | 1 Php | 1 Php | 2025-04-09 | 9.3 HIGH | N/A |
| The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected. | |||||
| CVE-2007-0448 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI. | |||||
| CVE-2007-4659 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. | |||||
| CVE-2007-3799 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207. | |||||
| CVE-2007-0909 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function. | |||||
| CVE-2007-1709 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. | |||||
| CVE-2007-2748 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
| The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. | |||||
| CVE-2007-1889 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize. | |||||
| CVE-2007-4825 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. | |||||
| CVE-2007-3997 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE. | |||||