Vulnerabilities > PHP

DATE CVE VULNERABILITY TITLE RISK
2015-12-02 CVE-2015-8383 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
network
low complexity
pcre fedoraproject php CWE-119
critical
9.8
2012-05-11 CVE-2012-1823 Command Injection vulnerability in multiple products
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
network
low complexity
php fedoraproject debian hp opensuse suse apple redhat CWE-77
critical
9.8
2010-05-07 CVE-2010-1866 Integer Overflow or Wraparound vulnerability in multiple products
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
network
low complexity
php opensuse suse CWE-190
critical
9.8
2008-05-07 CVE-2008-2108 Insufficient Entropy vulnerability in multiple products
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.
network
low complexity
php fedoraproject canonical debian CWE-331
critical
9.8
2008-05-05 CVE-2008-0599 Incorrect Calculation of Buffer Size vulnerability in multiple products
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
network
low complexity
php fedoraproject canonical apple CWE-131
critical
9.8
2007-03-06 CVE-2007-1285 Uncontrolled Recursion vulnerability in multiple products
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
network
low complexity
php canonical novell suse redhat CWE-674
7.5