Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4700
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent malicious users to conduct SQL injection attacks via crafted i...
Php Php 5.3.2
Php Php 5.3.3
NA
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.1.6
NA
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 prior to 5.2.17 and 5.3 prior to 5.3.5, and other products, allows context-dependent malicious users to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not prope...
Php Php 5.2.9
Php Php 5.2.14
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.10
Php Php 5.2.15
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.4
1 EDB exploit
NA
CVE-2010-4150
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 prior to 5.2.15 and 5.3 prior to 5.3.4 allows malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.3.2
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.2
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.1
NA
CVE-2010-4409
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument.
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
1 EDB exploit
NA
CVE-2010-3870
The utf8_decode function in PHP prior to 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a ...
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
NA
CVE-2010-3710
Stack consumption vulnerability in the filter_var function in PHP 5.2.x up to and including 5.2.14 and 5.3.x up to and including 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote malicious users to cause a denial of service (memory consumption and application crash) v...
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.3.3
Php Php 5.3.0
NA
CVE-2010-2950
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x up to and including 5.3.3 allows context-dependent malicious users to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handl...
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.3.0
Php Php 5.3.3
NA
CVE-2010-3065
The default session serializer in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent malicious users to modify arbitrary session variables via a crafted session variable name.
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.0
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
NA
CVE-2010-3062
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 up to and including 5.3.2 allows remote malicious users to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overf...
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »