php.net
|
support
|
documentation
|
report a bug
|
advanced search
|
search howto
|
statistics
|
random bug
|
login
go to bug id or search bugs for
« Show Previous 30 Entries
Showing 31-60 of 39900
Show Next 30 Entries »
ID#
Date
Last Modified
Package
Type
Status
PHP Version
OS
Summary
Assigned
65790
(edit)
2013-09-30 14:55 UTC
2013-10-01 13:52 UTC
xhprof
Sec Bug
Closed
Irrelevant
Deployment of xhprof_html makes the site vulnerable to XSS attack
scottmac
66171
(edit)
2013-11-25 20:43 UTC
2014-04-14 12:28 UTC
Session related
Sec Bug
Closed
master-Git-2013-11-25 (Git)
Linux
ps_files_open: Block symlinks properly, prevent opening other users' sessions
66321
(edit)
2013-12-19 07:00 UTC
2016-05-14 15:15 UTC
Zip Related
Sec Bug
Closed
5.4.23
Linux
PHP ZipArchive::open() ze_obj->filename_len not real
remi
66356
(edit)
2013-12-27 02:57 UTC
2014-02-15 17:28 UTC
GD related
Sec Bug
Closed
5.5.7
all
Heap Overflow Vulnerability in imagecrop()
pajoye
66731
(edit)
2014-02-18 08:34 UTC
2014-03-06 13:10 UTC
Filesystem function related
Sec Bug
Closed
5.5.9
irrevelant
file: infinite recursion
remi
66815
(edit)
2014-03-03 15:16 UTC
2014-03-06 13:10 UTC
GD related
Sec Bug
Closed
5.5.9
imagecrop(): insufficient fix for NULL defer CVE-2013-7327
remi
66820
(edit)
2014-03-04 13:11 UTC
2014-03-06 13:11 UTC
Filesystem function related
Sec Bug
Closed
5.4.25
irrevelant
out-of-bounds memory access in fileinfo
remi
66901
(edit)
2014-03-13 19:31 UTC
2014-08-04 08:43 UTC
GD related
Sec Bug
Closed
5.4.26
Fedora r17 (Beefy Miracle)
php-gd 'c_color' NULL pointer dereference
remi
66946
(edit)
2014-03-24 07:55 UTC
2014-04-03 09:26 UTC
Filesystem function related
Sec Bug
Closed
5.4.26
irrevelant
fileinfo: extensive backtracking in awk rule regular expression
remi
67060
(edit)
2014-04-12 21:32 UTC
2014-05-02 06:57 UTC
FPM related
Sec Bug
Closed
5.6Git-2014-04-12 (Git)
*nix
sapi/fpm: possible privilege escalation due to insecure default configuration
stas
67249
(edit)
2014-05-12 01:35 UTC
2014-05-27 19:21 UTC
*General Issues
Sec Bug
Closed
5.4.28
*
printf out-of-bounds read
stas
67326
(edit)
2014-05-22 14:06 UTC
2014-06-27 08:04 UTC
Filesystem function related
Sec Bug
Closed
5.4.28
fileinfo: cdf_read_short_sector insufficient boundary check
remi
67327
(edit)
2014-05-22 14:23 UTC
2014-05-27 01:14 UTC
Filesystem function related
Sec Bug
Closed
5.4.28
fileinfo: CDF infinite loop in nelements DoS
67328
(edit)
2014-05-22 14:28 UTC
2014-05-27 01:15 UTC
Filesystem function related
Sec Bug
Closed
5.4.28
fileinfo: numerous file_printf calls resulting in performance degradation
67329
(edit)
2014-05-22 14:31 UTC
2014-06-27 08:05 UTC
Filesystem function related
Sec Bug
Closed
5.6
fileinfo: NULL pointer deference flaw by processing certain CDF files
ab
67349
(edit)
2014-05-28 01:24 UTC
2014-07-15 23:24 UTC
intl
Sec Bug
Closed
5.5.12
Windows 8
Locale::parseLocale Double Free
stas
67390
(edit)
2014-06-06 12:12 UTC
2014-06-06 22:52 UTC
*Compile Issues
Sec Bug
Closed
5.4.29
irrevelant
insecure temporary file use in the configure script
remi
67397
(edit)
2014-06-08 10:39 UTC
2014-06-27 23:16 UTC
Unicode Engine related
Sec Bug
Closed
5.5.13
Linux
Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1)
stas
67410
(edit)
2014-06-10 11:37 UTC
2014-06-27 08:05 UTC
Filesystem function related
Sec Bug
Closed
5.4.29
irrevelant
fileinfo: mconvert incorrect handling of truncated pascal string size
remi
67411
(edit)
2014-06-10 11:40 UTC
2014-06-27 08:05 UTC
Filesystem function related
Sec Bug
Closed
5.4.29
irrevelant
fileinfo: cdf_check_stream_offset insufficient boundary check
remi
67412
(edit)
2014-06-10 11:43 UTC
2014-06-27 08:05 UTC
Filesystem function related
Sec Bug
Closed
5.4.29
irrevelant
fileinfo: cdf_count_chain insufficient boundary check
remi
67413
(edit)
2014-06-10 11:45 UTC
2014-06-27 08:05 UTC
Filesystem function related
Sec Bug
Closed
5.4.29
irrevelant
fileinfo: cdf_read_property_info insufficient boundary check
remi
67432
(edit)
2014-06-13 06:21 UTC
2014-06-15 08:09 UTC
*Network Functions
Sec Bug
Closed
5.4.29
irrevelant
heap-based buffer overflow in DNS TXT record parsing
pollita
67492
(edit)
2014-06-22 02:01 UTC
2014-06-27 23:17 UTC
Reproducible crash
Sec Bug
Closed
5.4.29
*
unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
stas
67498
(edit)
2014-06-23 07:13 UTC
2016-04-30 20:58 UTC
Reproducible crash
Sec Bug
Closed
5.4.29
phpinfo() Type Confusion Information Leak Vulnerability
stas
67705
(edit)
2014-07-29 06:44 UTC
2014-08-04 07:26 UTC
Filesystem function related
Sec Bug
Closed
5.4.31
irrevelant
extensive backtracking in rule regular expression
remi
67716
(edit)
2014-07-30 11:59 UTC
2014-08-15 00:45 UTC
Filesystem function related
Sec Bug
Closed
5.4.31
irrevelant
Segfault in cdf.c
remi
67717
(edit)
2014-07-30 12:42 UTC
2014-08-21 07:41 UTC
*Network Functions
Sec Bug
Closed
5.4.31
irrevelant
segfault in dns_get_record
remi
67730
(edit)
2014-07-31 20:37 UTC
2014-08-19 08:35 UTC
GD related
Sec Bug
Closed
5.6.0RC2
All
CVE-2014-5120 Null byte injection possible with imagexxx functions
stas
68027
(edit)
2014-09-16 09:42 UTC
2014-10-14 17:41 UTC
*General Issues
Sec Bug
Closed
5.6.0
Ubuntu 14.04.1 LTS 64bit
AddressSanitizer reports a global buffer overflow in mkgmtime() function.
« Show Previous 30 Entries
Showing 31-60 of 39900
Show Next 30 Entries »
Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jul 12 05:01:33 2025 UTC