Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.6.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-0236
file prior to 5.18, as used in the Fileinfo component in PHP prior to 5.6.0, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.
Php Php
383
VMScore
CVE-2018-14851
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP prior to 5.6.37, 7.0.x prior to 7.0.31, 7.1.x prior to 7.1.20, and 7.2.x prior to 7.2.8 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
445
VMScore
CVE-2018-14883
An issue exists in PHP prior to 5.6.37, 7.0.x prior to 7.0.31, 7.1.x prior to 7.1.20, and 7.2.x prior to 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
445
VMScore
CVE-2018-10546
An issue exists in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
1 Github repository
755
VMScore
CVE-2018-7584
In PHP up to and including 5.6.33, 7.0.x prior to 7.0.28, 7.1.x up to and including 7.1.14, and 7.2.x up to and including 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper....
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
1 EDB exploit
169
VMScore
CVE-2018-10545
An issue exists in PHP prior to 5.6.35, 7.0.x prior to 7.0.29, 7.1.x prior to 7.1.16, and 7.2.x prior to 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environmen...
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
383
VMScore
CVE-2018-10547
An issue exists in ext/phar/phar_object.c in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists bec...
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
320
VMScore
CVE-2014-5459
The PEAR_REST class in REST.php in PEAR in PHP up to and including 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.
Php Php
Oracle Solaris 11.2
Opensuse Evergreen 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
445
VMScore
CVE-2018-10548
An issue exists in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn retur...
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -
356
VMScore
CVE-2006-0818
Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer prior to 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Wi...
Merak Mail Server 8.3.8r
Deerfield Visnetic Mail Server 8.3.5
Icewarp Web Mail 5.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3