Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
CVE-2021-21707 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-21707
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as ...
Php Php
Netapp Clustered Data Ontap -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
2 Github repositories
5
CVSSv2
CVE-2017-9118
PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.
Php Php 7.1.5
Php Php
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2017-9120
PHP 7.x up to and including 7.1.5 allows remote malicious users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
Php Php
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2017-9119
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows malicious users to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations on array data structures.
Php Php 7.1.5
Netapp Clustered Data Ontap -
Netapp Storage Automation Store -
7.5
CVSSv2
CVE-2017-8923
The zend_string_extend function in Zend/zend_string.h in PHP up to and including 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified ot...
Php Php
6.8
CVSSv2
CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes,...
Php Php
2 Github repositories
6.8
CVSSv2
CVE-2015-9253
An issue exists in PHP 7.3.x prior to 7.3.0alpha3, 7.2.x prior to 7.2.8, and prior to 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stre...
Php Php 7.3.0
Php Php
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started