php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
Showing 1-30 of 39900
Show Next 30 Entries »
ID#
Date
Last Modified
Package
Type
Status
PHP Version
OS
Summary
Assigned
42862
(edit)
2007-10-05 07:29 UTC
2010-11-22 16:53 UTC
IMAP related
Sec Bug
Closed
5.2.6
*
[PATCH] IMAP toolkit crash: rfc822.c legacy routine buffer overflow
pajoye
45408
(edit)
2008-07-01 18:46 UTC
2010-11-22 15:27 UTC
PCRE related
Sec Bug
Closed
5.2.6
Irrelevant
bundled version of libpcre misses security fix for CVE-2008-2371
nlopess
49687
(edit)
2009-09-27 11:20 UTC
2010-12-01 16:53 UTC
*Unicode Issues
Sec Bug
Closed
5.2.11
*
utf8_decode xml_utf8_decode vuln
cataphract
53273
(edit)
2010-11-09 04:11 UTC
2010-11-22 15:27 UTC
mbstring related
Sec Bug
Closed
5.3 and above.
Irrelevant
mb_strcut() returns garbage with the excessive length parameter
moriyoshi
54002
(edit)
2011-02-12 21:31 UTC
2019-09-30 16:03 UTC
EXIF related
Sec Bug
Closed
Irrelevant
crash on crafted tag
pajoye
54193
(edit)
2011-03-08 13:58 UTC
2011-03-23 14:25 UTC
Unknown/Other Function
Sec Bug
Closed
Irrelevant
Integer overflow in shmop_read()
felipe
54238
(edit)
2011-03-13 02:29 UTC
2011-04-13 08:34 UTC
Strings related
Sec Bug
Closed
Irrelevant
Linux
use-after-free in substr_replace()
stas
54304
(edit)
2011-03-18 11:21 UTC
2011-09-12 13:22 UTC
Reproducible crash
Sec Bug
Closed
5.3.6
Linux x86-64
Invalid read in RegexIterator::accept() causes crash
pajoye
54332
(edit)
2011-03-21 09:27 UTC
2011-07-11 05:48 UTC
Reproducible crash
Sec Bug
Closed
5.3.6
Linux x86-64
Crash in zend_mm_check_ptr // Heap corruption
dmitry
54397
(edit)
2011-03-26 18:27 UTC
2014-12-30 18:21 UTC
Website problem
Sec Bug
Closed
Irrelevant
Irrelevant
Several issues with in http://news.php.net
bjori
54681
(edit)
2011-05-07 00:58 UTC
2011-08-22 11:44 UTC
*General Issues
Sec Bug
Closed
5.3.6
NetBSD
addGlob() crashes on invalid flags
pajoye
54682
(edit)
2011-05-07 01:13 UTC
2012-02-07 20:49 UTC
Tidy
Sec Bug
Closed
5
*
tidy NullPD
tony2001
55107
(edit)
2011-07-01 14:20 UTC
2011-07-19 14:17 UTC
Built-in web server
Sec Bug
Closed
5.4SVN-2011-07-01 (snap)
OS X 10.6.7
Null bytes in URL cause insecure behavior (code execution / code disclosure)
moriyoshi
55244
(edit)
2011-07-19 18:20 UTC
2011-07-23 21:01 UTC
OpenSSL related
Sec Bug
Closed
Irrelevant
All
openssl_encrypt() / openssl_decrypt() truncate keys
scottmac
55749
(edit)
2011-09-21 04:53 UTC
2011-09-30 17:11 UTC
Unknown/Other Function
Sec Bug
Closed
trunk-SVN-2011-09-21 (SVN)
Windows
TOCTOU issue in getenv() on Windows builds
pajoye
55856
(edit)
2011-10-06 05:03 UTC
2014-02-20 22:23 UTC
PCRE related
Sec Bug
Closed
5.4.0beta1
All
preg_replace should fail on trailing garbage
yohgaki
55871
(edit)
2011-10-08 09:38 UTC
2015-04-26 12:52 UTC
Strings related
Sec Bug
Closed
5.3
*
Interruption in substr_replace()
stas
60150
(edit)
2011-10-27 16:37 UTC
2011-11-28 22:39 UTC
EXIF related
Sec Bug
Closed
5.4.0beta2
All 32 bits
Integer overflow during the parsing of invalid exif header
stas
60240
(edit)
2011-11-08 07:49 UTC
2011-12-02 11:50 UTC
SPL related
Sec Bug
Closed
5.4.0beta2
Linux 64bit
invalid read/writes when unserializing specially crafted strings
mike
60262
(edit)
2011-11-11 11:46 UTC
2018-12-18 01:27 UTC
*General Issues
Sec Bug
Closed
5.4.0RC1
multiple flaws memory_limit bypass, dos, code exec
stas
60279
(edit)
2011-11-12 10:33 UTC
2011-11-12 15:17 UTC
OpenSSL related
Sec Bug
Closed
5.4.0RC1
Null pointer dereference in stream_socket_enable_crypto
pajoye
61065
(edit)
2012-02-12 21:43 UTC
2014-06-19 16:31 UTC
PHAR related
Sec Bug
Closed
5.3.10
All
Secunia SA44335 - arbitrary code execution
stas
61504
(edit)
2012-03-25 12:49 UTC
2012-04-06 13:31 UTC
*Directory/Filesystem functions
Sec Bug
Closed
Irrelevant
all
Potential vulnerability in fileinfo ext
ab
61807
(edit)
2012-04-22 01:12 UTC
2013-02-23 11:44 UTC
CGI/CLI related
Sec Bug
Closed
5.4.1RC2
any
Buffer Overflow in apache_request_headers
stas
61910
(edit)
2012-05-02 17:56 UTC
2012-05-09 21:37 UTC
CGI/CLI related
Sec Bug
Closed
5.4.1
Unix
VU#520827 - PHP-CGI query string parameter vulnerability
johannes
62082
(edit)
2012-05-20 20:15 UTC
2014-06-24 18:21 UTC
I18N and L10N related
Sec Bug
Closed
Irrelevant
Linux
Memory corruption in internal get_icu_disp_value_src_php() function
cataphract
63447
(edit)
2012-11-06 09:00 UTC
2015-10-11 11:52 UTC
Variables related
Sec Bug
Closed
5.4.8
MacOS X Lion
max_input_vars doesn't filter variables when mbstring.encoding_translation = On
laruence
64879
(edit)
2013-05-20 08:53 UTC
2013-06-08 09:17 UTC
Strings related
Sec Bug
Closed
5.3.25
*
Heap based buffer overflow in quoted_printable_encode
stas
64449
(edit)
2013-03-18 22:25 UTC
2020-06-24 12:07 UTC
*Encryption and hash functions
Sec Bug
Closed
5.4.13
Linux
crypt doesn't fail on "$" in CRYPT_DES salt
nikic
65236
(edit)
2013-07-10 17:29 UTC
2013-07-12 14:27 UTC
*XML functions
Sec Bug
Closed
5.3.26
*
heap corruption in xml parser
johannes
Showing 1-30 of 39900
Show Next 30 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Wed Jul 09 12:01:35 2025 UTC