Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 7.0.4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-11628
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications th...
Php Php
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.17
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
6.4
CVSSv2
CVE-2016-3185
The make_http_soap_request function in ext/soap/php_http.c in PHP prior to 5.4.44, 5.5.x prior to 5.5.28, 5.6.x prior to 5.6.12, and 7.x prior to 7.0.4 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (type confusion a...
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.0
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
6
CVSSv2
CVE-2015-3013
ownCloud Server prior to 5.0.19, 6.x prior to 6.0.7, and 7.x prior to 7.0.5 allows remote authenticated users to bypass the file blacklist and upload arbitrary files via a file path with UTF-8 encoding, as demonstrated by uploading a .htaccess file.
Owncloud Owncloud
5
CVSSv2
CVE-2016-10397
In PHP prior to 5.6.28 and 7.x prior to 7.0.13, incorrect handling of various URI components in the URL parser could be used by malicious users to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example....
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.12
Php Php
Php Php 7.0.7
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
5
CVSSv2
CVE-2017-11144
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative n...
Php Php 7.1.0
Php Php 7.1.6
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.1.3
Php Php 7.1.5
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
5
CVSSv2
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
5
CVSSv2
CVE-2016-9934
ext/wddx/wddx.c in PHP prior to 5.6.28 and 7.x prior to 7.0.13 allows remote malicious users to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
Php Php 7.0.4
Php Php 7.0.5
Php Php
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.0.12
5
CVSSv2
CVE-2011-3728
Dolphin 7.0.4 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files.
Boonex Dolphin 7.0.4
4.3
CVSSv2
CVE-2016-6292
The exif_process_user_comment function in ext/exif/exif.c in PHP prior to 5.5.38, 5.6.x prior to 5.6.24, and 7.x prior to 7.0.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 7.0.4
Php Php 5.6.12
Php Php 5.6.13
Php Php 5.6.4
Php Php 7.0.3
Php Php 5.6.6
Php Php 7.0.1
Php Php 5.6.18
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php
Php Php 5.6.7
Php Php 5.6.21
Php Php 5.6.15
Php Php 5.6.20
Php Php 7.0.2
Php Php 5.6.17
Php Php 5.6.16
4.3
CVSSv2
CVE-2015-3012
Multiple cross-site scripting (XSS) vulnerabilities in WebODF prior to 0.5.5, as used in ownCloud, allow remote malicious users to inject arbitrary web script or HTML via a (1) style or (2) font name or (3) javascript or (4) data URI.
Debian Debian Linux 7.0
Kogmbh Webodf
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »