php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 1646 Show Next 30 Entries »
ID# Date Last Modified Package Type Status PHP Version OS Summary Assigned
60623
(edit)		 2011-12-29 08:45 UTC 2011-12-29 09:38 UTC *Encryption and hash functions Sec Bug Duplicate Irrelevant ANY Hash Table Collisions  
60827
(edit)		 2012-01-20 21:21 UTC 2012-01-20 21:27 UTC URL related Sec Bug Duplicate Irrelevant irrelevant Vulnerability in bugs.php.net  
61210
(edit)		 2012-02-29 16:00 UTC 2014-02-12 18:25 UTC Safe Mode/open_basedir Sec Bug Duplicate 5.3.10 *nix redirection in curl incorrectly blocked if open_basedir is set  
65266
(edit)		 2013-07-16 05:14 UTC 2013-07-16 05:22 UTC *XML functions Sec Bug Duplicate 5.4.17   heap corruption in xml parser  
67267
(edit)		 2014-05-13 15:50 UTC 2014-05-13 16:03 UTC Online Doc Editor problem Sec Bug Duplicate Irrelevant Any Local File Inclusion tyrael
69206
(edit)		 2015-03-09 17:34 UTC 2015-03-20 05:50 UTC PHP Language Specification Sec Bug Duplicate Irrelevant * Nullbytes - The Come back  
72279
(edit)		 2016-05-28 06:36 UTC 2016-05-29 08:37 UTC Safe Mode/open_basedir Sec Bug Duplicate Irrelevant Ubuntu open_basedir could be bypassed if it's set by .user.ini  
73064
(edit)		 2016-09-12 02:21 UTC 2017-02-13 01:22 UTC WDDX related Sec Bug Duplicate master-Git-2016-09-12 (snap) Ubuntu Use-After-Free in wddx_deserialize of wddx.c stas
73109
(edit)		 2016-09-19 01:07 UTC 2017-10-16 02:28 UTC Date/time related Sec Bug Duplicate 7.1.6 Ubuntu Out-Of-Bounds Read in timelib_meridian of parse_date.c derick
73153
(edit)		 2016-09-23 16:56 UTC 2017-01-16 13:32 UTC GNU MP related Sec Bug Duplicate 5.6.26 Ubuntu Crash with an Unexpected Object when Deserialize GMP object  
73162
(edit)		 2016-09-24 10:18 UTC 2016-10-19 14:25 UTC DOM XML related Sec Bug Duplicate 5.6.26   missing NULL check in dom_document_savexml  
73710
(edit)		 2016-12-10 14:39 UTC 2017-01-10 00:33 UTC Directory function related Sec Bug Duplicate Irrelevant   open_basedir bypass via glob wrapper pollita
74301
(edit)		 2017-03-23 17:17 UTC 2017-10-15 22:47 UTC WDDX related Sec Bug Duplicate 5.6.30   Free() invalid pointer when wddx decodes empty boolean element  
74609
(edit)		 2017-05-18 06:31 UTC 2017-08-12 13:14 UTC *General Issues Sec Bug Duplicate 7.1.6 Ubuntu 1604 & Windows10 a heap-use-after-free was found at zif_unserialize function  
74622
(edit)		 2017-05-21 11:17 UTC 2017-08-12 19:28 UTC *General Issues Sec Bug Duplicate 7.1.5/7.1.6 Debian GNU/Linux 9 \n \l zif_unserialize Invalid read of size 8  
75505
(edit)		 2017-11-09 03:18 UTC 2018-01-15 13:31 UTC *Network Functions Sec Bug Duplicate 7.1.11 * pfsockopen may cause a security problem  
76428
(edit)		 2018-06-08 01:03 UTC 2018-11-20 19:37 UTC IMAP related Sec Bug Duplicate 7.0.30 Debian Linux Command execution through imap_open  
76558
(edit)		 2018-07-01 00:48 UTC 2018-07-16 23:57 UTC EXIF related Sec Bug Duplicate 5.6.36 Debian 9 x64 heap-buffer-overflow (READ of size 1) in php_ifd_get32s kalle
77160
(edit)		 2018-11-15 09:09 UTC 2019-02-21 05:11 UTC IMAP related Sec Bug Duplicate 7.2.12   Script injection in imap_open() cmb
77249
(edit)		 2018-12-06 10:00 UTC 2019-01-07 08:14 UTC XMLRPC-EPI related Sec Bug Duplicate 7.2.12 Linux Use after free in xmlrpc_decode() stas
77429
(edit)		 2019-01-08 02:54 UTC 2019-02-10 12:06 UTC XMLRPC-EPI related Sec Bug Duplicate 7.1.25   heap buffer overflow in format_converter cmb
81717
(edit)		 2022-05-13 09:14 UTC 2022-05-13 11:15 UTC Scripting Engine problem Sec Bug Duplicate 7.4.29 Any PHP "Magic" methods DOS cmb
1027
(edit)		 1999-01-05 04:09 UTC 2002-01-09 10:02 UTC Feature/Change Request Req Duplicate 4.0   fprintf() please  
3514
(edit)		 2000-02-17 08:02 UTC 2001-11-11 14:48 UTC Feature/Change Request Req Duplicate 4.0 any Private and Protected data in classes  
4822
(edit)		 2000-06-05 15:53 UTC 2000-11-21 03:58 UTC Feature/Change Request Req Duplicate 4.0.0 Release Linux Uploading in safe mode  
5278
(edit)		 2000-06-29 23:00 UTC 2001-11-11 15:10 UTC Feature/Change Request Req Duplicate 4.0.0 Release   ob_* enhanced to use HTTP headers  
5408
(edit)		 2000-07-06 17:35 UTC 2001-11-11 14:57 UTC Feature/Change Request Req Duplicate 4.0 Latest CVS (06/07/2000) Redhat 6.1 (Linux 2.2.12-20) foreach() should silently ignore non-array's passed to it  
5975
(edit)		 2000-08-04 20:51 UTC 2012-02-10 23:13 UTC Strings related Req Duplicate * * version of strip_tags() that specifies tags to strip (instead of tags to keep)  
6768
(edit)		 2000-09-15 05:28 UTC 2002-01-06 12:19 UTC Feature/Change Request Req Duplicate 4.0.2 Linux 2.2.14 list() construct reference assignment  
6875
(edit)		 2000-09-24 23:14 UTC 2001-06-12 04:01 UTC Feature/Change Request Req Duplicate 4.0.2 Linux 2.2.17 / Open BSD 2.8 upload_tmp_dir in php.ini doesn't work in safe_mode  
  Showing 1-30 of 1646 Show Next 30 Entries »
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Jun 14 11:01:33 2025 UTC