Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-2020
ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 does not check data types, which might allow remote malicious users to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string fo...
Php Php
Php Php 5.5.7
Php Php 5.5.0
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.4
Php Php 5.5.3
Php Php 5.5.6
Php Php 5.5.5
6.8
CVSSv2
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading ...
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.4
Php Php 5.5.2
1 Github repository
1 Article
5.8
CVSSv2
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 allow remote malicious users to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1)...
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.4
Php Php 5.5.2
6.8
CVSSv2
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
5
CVSSv2
CVE-2013-3735
The Zend Engine in PHP prior to 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent malicious users to cause a denial of service (memory consumption and application crash) via a crafted function definition,...
Php Php 5.4.12
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.4.10
Php Php 5.4.2
Php Php 5.4.5
Php Php 5.4.6
Php Php 5.4.13
Php Php 5.4.0
Php Php 5.4.3
Php Php 5.4.1
Php Php 5.4.7
Php Php
Php Php 5.4.4
Php Php 5.5.0
6.8
CVSSv2
CVE-2013-7327
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 does not check return values, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a N...
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.4
Php Php
Php Php 5.5.2
7.8
CVSSv2
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.1.0
Php Php 7.1.1
Php Php 7.0.4
Php Php 7.0.5
Php Php 7.0.12
Php Php 7.0.13
Php Php
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php 7.0.16
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.1.2
7.5
CVSSv2
CVE-2015-0273
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP prior to 5.4.38, 5.5.x prior to 5.5.22, and 5.6.x prior to 5.6.6 allow remote malicious users to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZon...
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.5.17
Php Php
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
Php Php 5.5.11
Php Php 5.5.13
1 EDB exploit
2 Github repositories
7.5
CVSSv2
CVE-2014-9705
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP prior to 5.4.38, 5.5.x prior to 5.5.22, and 5.6.x prior to 5.6.6 allows remote malicious users to execute arbitrary code via vectors that trigger creation of multiple dictionari...
Php Php 5.5.0
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.20
Php Php 5.5.21
Php Php 5.6.0
Php Php 5.6.1
Php Php 5.5.1
Php Php 5.5.10
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.6.4
Php Php 5.6.5
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.6.2
Php Php 5.6.3
Php Php
10
CVSSv2
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10 on Windows allows remote malicious users to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a c...
Php Php
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.2
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.5.7
Php Php 5.5.8
Php Php 5.5.9
Php Php 5.5.10
Php Php 5.5.11
Php Php 5.5.12
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.19
Php Php 5.5.20
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »