Vulnerabilities > PHP
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-09 | CVE-2019-9637 | Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
2019-02-22 | CVE-2019-9025 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in PHP 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9024 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 7.5 |
2019-02-22 | CVE-2019-9023 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9022 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. | 7.5 |
2019-02-22 | CVE-2019-9021 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9020 | Use After Free vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-21 | CVE-2018-20783 | Out-of-bounds Read vulnerability in multiple products In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. | 7.5 |
2019-01-27 | CVE-2019-6977 | Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. | 8.8 |
2018-12-28 | CVE-2018-1000888 | Deserialization of Untrusted Data vulnerability in multiple products PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. | 8.8 |