php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
Showing 1-30 of 1646
Show Next 30 Entries »
ID#
Date
Last Modified
Package
Type
Status
PHP Version
OS
Summary
Assigned
60623
(edit)
2011-12-29 08:45 UTC
2011-12-29 09:38 UTC
*Encryption and hash functions
Sec Bug
Duplicate
Irrelevant
ANY
Hash Table Collisions
60827
(edit)
2012-01-20 21:21 UTC
2012-01-20 21:27 UTC
URL related
Sec Bug
Duplicate
Irrelevant
irrelevant
Vulnerability in bugs.php.net
61210
(edit)
2012-02-29 16:00 UTC
2014-02-12 18:25 UTC
Safe Mode/open_basedir
Sec Bug
Duplicate
5.3.10
*nix
redirection in curl incorrectly blocked if open_basedir is set
65266
(edit)
2013-07-16 05:14 UTC
2013-07-16 05:22 UTC
*XML functions
Sec Bug
Duplicate
5.4.17
heap corruption in xml parser
67267
(edit)
2014-05-13 15:50 UTC
2014-05-13 16:03 UTC
Online Doc Editor problem
Sec Bug
Duplicate
Irrelevant
Any
Local File Inclusion
tyrael
69206
(edit)
2015-03-09 17:34 UTC
2015-03-20 05:50 UTC
PHP Language Specification
Sec Bug
Duplicate
Irrelevant
*
Nullbytes - The Come back
72279
(edit)
2016-05-28 06:36 UTC
2016-05-29 08:37 UTC
Safe Mode/open_basedir
Sec Bug
Duplicate
Irrelevant
Ubuntu
open_basedir could be bypassed if it's set by .user.ini
73064
(edit)
2016-09-12 02:21 UTC
2017-02-13 01:22 UTC
WDDX related
Sec Bug
Duplicate
master-Git-2016-09-12 (snap)
Ubuntu
Use-After-Free in wddx_deserialize of wddx.c
stas
73109
(edit)
2016-09-19 01:07 UTC
2017-10-16 02:28 UTC
Date/time related
Sec Bug
Duplicate
7.1.6
Ubuntu
Out-Of-Bounds Read in timelib_meridian of parse_date.c
derick
73153
(edit)
2016-09-23 16:56 UTC
2017-01-16 13:32 UTC
GNU MP related
Sec Bug
Duplicate
5.6.26
Ubuntu
Crash with an Unexpected Object when Deserialize GMP object
73162
(edit)
2016-09-24 10:18 UTC
2016-10-19 14:25 UTC
DOM XML related
Sec Bug
Duplicate
5.6.26
missing NULL check in dom_document_savexml
73710
(edit)
2016-12-10 14:39 UTC
2017-01-10 00:33 UTC
Directory function related
Sec Bug
Duplicate
Irrelevant
open_basedir bypass via glob wrapper
pollita
74301
(edit)
2017-03-23 17:17 UTC
2017-10-15 22:47 UTC
WDDX related
Sec Bug
Duplicate
5.6.30
Free() invalid pointer when wddx decodes empty boolean element
74609
(edit)
2017-05-18 06:31 UTC
2017-08-12 13:14 UTC
*General Issues
Sec Bug
Duplicate
7.1.6
Ubuntu 1604 & Windows10
a heap-use-after-free was found at zif_unserialize function
74622
(edit)
2017-05-21 11:17 UTC
2017-08-12 19:28 UTC
*General Issues
Sec Bug
Duplicate
7.1.5/7.1.6
Debian GNU/Linux 9 \n \l
zif_unserialize Invalid read of size 8
75505
(edit)
2017-11-09 03:18 UTC
2018-01-15 13:31 UTC
*Network Functions
Sec Bug
Duplicate
7.1.11
*
pfsockopen may cause a security problem
76428
(edit)
2018-06-08 01:03 UTC
2018-11-20 19:37 UTC
IMAP related
Sec Bug
Duplicate
7.0.30
Debian Linux
Command execution through imap_open
76558
(edit)
2018-07-01 00:48 UTC
2018-07-16 23:57 UTC
EXIF related
Sec Bug
Duplicate
5.6.36
Debian 9 x64
heap-buffer-overflow (READ of size 1) in php_ifd_get32s
kalle
77160
(edit)
2018-11-15 09:09 UTC
2019-02-21 05:11 UTC
IMAP related
Sec Bug
Duplicate
7.2.12
Script injection in imap_open()
cmb
77249
(edit)
2018-12-06 10:00 UTC
2019-01-07 08:14 UTC
XMLRPC-EPI related
Sec Bug
Duplicate
7.2.12
Linux
Use after free in xmlrpc_decode()
stas
77429
(edit)
2019-01-08 02:54 UTC
2019-02-10 12:06 UTC
XMLRPC-EPI related
Sec Bug
Duplicate
7.1.25
heap buffer overflow in format_converter
cmb
81717
(edit)
2022-05-13 09:14 UTC
2022-05-13 11:15 UTC
Scripting Engine problem
Sec Bug
Duplicate
7.4.29
Any
PHP "Magic" methods DOS
cmb
1027
(edit)
1999-01-05 04:09 UTC
2002-01-09 10:02 UTC
Feature/Change Request
Req
Duplicate
4.0
fprintf() please
3514
(edit)
2000-02-17 08:02 UTC
2001-11-11 14:48 UTC
Feature/Change Request
Req
Duplicate
4.0
any
Private and Protected data in classes
4822
(edit)
2000-06-05 15:53 UTC
2000-11-21 03:58 UTC
Feature/Change Request
Req
Duplicate
4.0.0 Release
Linux
Uploading in safe mode
5278
(edit)
2000-06-29 23:00 UTC
2001-11-11 15:10 UTC
Feature/Change Request
Req
Duplicate
4.0.0 Release
ob_* enhanced to use HTTP headers
5408
(edit)
2000-07-06 17:35 UTC
2001-11-11 14:57 UTC
Feature/Change Request
Req
Duplicate
4.0 Latest CVS (06/07/2000)
Redhat 6.1 (Linux 2.2.12-20)
foreach() should silently ignore non-array's passed to it
5975
(edit)
2000-08-04 20:51 UTC
2012-02-10 23:13 UTC
Strings related
Req
Duplicate
*
*
version of strip_tags() that specifies tags to strip (instead of tags to keep)
6768
(edit)
2000-09-15 05:28 UTC
2002-01-06 12:19 UTC
Feature/Change Request
Req
Duplicate
4.0.2
Linux 2.2.14
list() construct reference assignment
6875
(edit)
2000-09-24 23:14 UTC
2001-06-12 04:01 UTC
Feature/Change Request
Req
Duplicate
4.0.2
Linux 2.2.17 / Open BSD 2.8
upload_tmp_dir in php.ini doesn't work in safe_mode
Showing 1-30 of 1646
Show Next 30 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jun 14 11:01:33 2025 UTC