Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical php5 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-7327
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 does not check return values, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a N...
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.4
Php Php
Php Php 5.5.2
1.9
CVSSv2
CVE-2018-10545
An issue exists in PHP prior to 5.6.35, 7.0.x prior to 7.0.29, 7.1.x prior to 7.1.16, and 7.2.x prior to 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environmen...
Php Php
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2008-2108
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force ...
Php Php
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
5
CVSSv2
CVE-2019-9638
An issue exists in the EXIF component in PHP prior to 7.1.27, 7.2.x prior to 7.2.16, and 7.3.x prior to 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Netapp Storage Automation Store -
Redhat Software Collections 1.0
5
CVSSv2
CVE-2019-9639
An issue exists in the EXIF component in PHP prior to 7.1.27, 7.2.x prior to 7.2.16, and 7.3.x prior to 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
Php Php
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Netapp Storage Automation Store -
Redhat Software Collections 1.0
5
CVSSv2
CVE-2019-9640
An issue exists in the EXIF component in PHP prior to 7.1.27, 7.2.x prior to 7.2.16, and 7.3.x prior to 7.3.3. There is an Invalid Read in exif_process_SOFn.
Php Php
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Netapp Storage Automation Store -
Redhat Software Collections 1.0
4.3
CVSSv2
CVE-2018-14851
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP prior to 5.6.37, 7.0.x prior to 7.0.31, 7.1.x prior to 7.1.20, and 7.2.x prior to 7.2.8 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
Php Php
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Netapp Storage Automation Store -
4.3
CVSSv2
CVE-2018-10547
An issue exists in ext/phar/phar_object.c in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists bec...
Php Php
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2019-9023
An issue exists in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstr...
Php Php
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Netapp Storage Automation Store -
Opensuse Leap 42.3
7.5
CVSSv2
CVE-2019-9020
An issue exists in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ...
Php Php
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Netapp Storage Automation Store -
Opensuse Leap 42.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »