Vulnerabilities > PHP > PHP > 5.2.10

DATE CVE VULNERABILITY TITLE RISK
2018-08-03 CVE-2018-14883 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8.
network
low complexity
php canonical debian netapp CWE-190
7.5
7.5
2018-08-02 CVE-2018-14851 Out-of-bounds Read vulnerability in multiple products
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
local
low complexity
php canonical debian netapp CWE-125
5.5
5.5
2018-04-29 CVE-2018-10549 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-125
8.8
8.8
2018-04-29 CVE-2018-10548 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-476
7.5
7.5
2018-04-29 CVE-2018-10547 Cross-site Scripting vulnerability in multiple products
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-79
6.1
6.1
2018-04-29 CVE-2018-10546 Infinite Loop vulnerability in multiple products
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-835
7.5
7.5
2018-04-29 CVE-2018-10545 Information Exposure vulnerability in multiple products
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4.
local
high complexity
php canonical debian netapp CWE-200
4.7
4.7
2018-03-01 CVE-2018-7584 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c.
network
low complexity
php canonical debian CWE-119
critical
 9.8
9.8
2018-02-19 CVE-2015-9253 Resource Exhaustion vulnerability in PHP
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20.
network
low complexity
php CWE-400
6.5
6.5
2018-02-09 CVE-2016-10712 Improper Input Validation vulnerability in multiple products
In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads).
network
low complexity
php canonical CWE-20
7.5
7.5