Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.5.8 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7226
Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading ...
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.4
Php Php 5.5.2
1 Github repository
1 Article
NA
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x prior to 5.5.9 allow remote malicious users to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1)...
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.4
Php Php 5.5.2
NA
CVE-2014-9705
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP prior to 5.4.38, 5.5.x prior to 5.5.22, and 5.6.x prior to 5.6.6 allows remote malicious users to execute arbitrary code via vectors that trigger creation of multiple dictionari...
Php Php 5.5.0
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.20
Php Php 5.5.21
Php Php 5.6.0
Php Php 5.6.1
Php Php 5.5.1
Php Php 5.5.10
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.6.4
Php Php 5.6.5
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.6.2
Php Php 5.6.3
Php Php
NA
CVE-2015-0273
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP prior to 5.4.38, 5.5.x prior to 5.5.22, and 5.6.x prior to 5.6.6 allow remote malicious users to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZon...
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.5.17
Php Php
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
Php Php 5.5.11
Php Php 5.5.13
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10 on Windows allows remote malicious users to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a c...
Php Php
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.2
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.5.7
Php Php 5.5.8
Php Php 5.5.9
Php Php 5.5.10
Php Php 5.5.11
Php Php 5.5.12
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.19
Php Php 5.5.20
NA
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
5.9
CVSSv3
CVE-2015-8838
ext/mysqlnd/mysqlnd.c in PHP prior to 5.4.43, 5.5.x prior to 5.5.27, and 5.6.x prior to 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle malicious users to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.21
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.5.12
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.23
Php Php 5.5.8
Php Php 5.5.24
Php Php 5.5.15
Php Php 5.5.11
Php Php 5.5.13
Php Php 5.5.4
Php Php 5.5.26
Php Php 5.5.10
7.1
CVSSv3
CVE-2016-3185
The make_http_soap_request function in ext/soap/php_http.c in PHP prior to 5.4.44, 5.5.x prior to 5.5.28, 5.6.x prior to 5.6.12, and 7.x prior to 7.0.4 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (type confusion a...
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.0
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
NA
CVE-2014-3597
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP prior to 5.4.32 and 5.5.x prior to 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_g...
Php Php 5.4.10
Php Php 5.4.11
Php Php 5.4.14
Php Php 5.4.15
Php Php 5.4.20
Php Php 5.4.21
Php Php 5.4.29
Php Php 5.4.3
Php Php 5.4.8
Php Php 5.4.9
Php Php 5.5.3
Php Php 5.5.2
Php Php 5.4.0
Php Php 5.4.12
Php Php 5.4.13
Php Php 5.4.17
Php Php 5.4.18
Php Php 5.4.25
Php Php 5.4.26
Php Php 5.4.4
Php Php 5.4.5
Php Php 5.5.7
1 Github repository
NA
CVE-2014-5120
gd_ctx.c in the GD component in PHP 5.4.x prior to 5.4.32 and 5.5.x prior to 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote malicious users to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd...
Php Php 5.4.0
Php Php 5.4.12
Php Php 5.4.13
Php Php 5.4.18
Php Php 5.4.19
Php Php 5.4.25
Php Php 5.4.26
Php Php 5.4.4
Php Php 5.4.5
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.12
Php Php 5.5.11
Php Php 5.5.0
Php Php 5.4.10
Php Php 5.4.11
Php Php 5.4.15
Php Php 5.4.21
Php Php 5.4.22
Php Php 5.4.29
Php Php 5.4.3
Php Php 5.4.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »