php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 1336 Show Next 30 Entries »
Bugs for *General Issues
ID# Date Last Modified Type Status PHP Version OS Summary Assigned
54681
(edit)		 2011-05-07 00:58 UTC 2011-08-22 11:44 UTC Sec Bug Closed 5.3.6 NetBSD addGlob() crashes on invalid flags pajoye
60262
(edit)		 2011-11-11 11:46 UTC 2018-12-18 01:27 UTC Sec Bug Closed 5.4.0RC1   multiple flaws memory_limit bypass, dos, code exec stas
67249
(edit)		 2014-05-12 01:35 UTC 2014-05-27 19:21 UTC Sec Bug Closed 5.4.28 * printf out-of-bounds read stas
68027
(edit)		 2014-09-16 09:42 UTC 2014-10-14 17:41 UTC Sec Bug Closed 5.6.0 Ubuntu 14.04.1 LTS 64bit AddressSanitizer reports a global buffer overflow in mkgmtime() function.  
68089
(edit)		 2014-09-24 11:59 UTC 2014-10-14 17:41 UTC Sec Bug Closed 5.6.0 Ubuntu 14.04 LTS NULL byte injection - cURL lib  
68976
(edit)		 2015-02-03 06:18 UTC 2015-03-31 05:51 UTC Sec Bug Closed 5.6.5 * Use After Free Vulnerability in unserialize() stas
69353
(edit)		 2015-04-02 06:39 UTC 2016-02-11 12:57 UTC Sec Bug Closed 5.6.7 N/A Missing null byte checks for paths in various PHP extensions stas
69425
(edit)		 2015-04-11 01:55 UTC 2017-01-16 13:29 UTC Sec Bug Closed 5.4.39   Use After Free in unserialize() nikic
69719
(edit)		 2015-05-28 12:00 UTC 2016-02-11 12:48 UTC Sec Bug Closed 5.6.9   Incorrect handling of paths with NULs, related to bug 69353 stas
70121
(edit)		 2015-07-23 21:40 UTC 2015-08-04 22:21 UTC Sec Bug Closed Irrelevant Ubuntu x86_64 unserialize() could lead to unexpected methods execution / NULL pointer deref  
70155
(edit)		 2015-07-27 14:37 UTC 2015-08-16 22:15 UTC Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SPLArrayObject stas
70166
(edit)		 2015-07-29 13:28 UTC 2015-09-09 10:05 UTC Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SPLArrayObject stas
70168
(edit)		 2015-07-30 10:52 UTC 2015-09-09 10:05 UTC Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SplObjectStorage stas
70169
(edit)		 2015-07-30 11:11 UTC 2015-09-09 10:05 UTC Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SplDoublyLinkedList stas
70172
(edit)		 2015-07-31 01:38 UTC 2016-10-23 19:47 UTC Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() stas
70219
(edit)		 2015-08-09 10:30 UTC 2015-09-09 10:08 UTC Sec Bug Closed 5.4.44 * Use after free vulnerability in session deserializer stas
70284
(edit)		 2015-08-17 17:07 UTC 2015-09-01 19:11 UTC Sec Bug Closed 5.6.12 * Use after free vulnerability in unserialize() with GMP stas
70365
(edit)		 2015-08-27 10:44 UTC 2015-09-09 10:08 UTC Sec Bug Closed 5.6.12 * yet another use-after-free vulnerability in unserialize() with SplObjectStorage stas
70366
(edit)		 2015-08-27 10:49 UTC 2015-09-09 10:08 UTC Sec Bug Closed 5.6.12 * yet another use-after-free vulnerability in unserialize() with SplDoublyLinkedL stas
70436
(edit)		 2015-09-06 14:14 UTC 2016-08-17 06:39 UTC Sec Bug Closed 5.6.24 * Use After Free Vulnerability in unserialize() stas
70513
(edit)		 2015-09-16 16:39 UTC 2017-01-16 13:29 UTC Sec Bug Closed 5.6.13 * GMP Deserialization Type Confusion Vulnerability nikic
71039
(edit)		 2015-12-05 22:00 UTC 2016-02-02 03:17 UTC Sec Bug Closed 5.6.16 All exec functions ignore length but look for NULL termination jpauli
71637
(edit)		 2016-02-20 12:21 UTC 2016-04-28 17:02 UTC Sec Bug Closed 7.0.3   Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes stas
71798
(edit)		 2016-03-11 11:37 UTC 2016-04-25 07:00 UTC Sec Bug Closed 5.5.33   Integer Overflow in php_raw_url_encode stas
72114
(edit)		 2016-04-27 23:51 UTC 2016-05-26 21:03 UTC Sec Bug Closed 5.5.35 Linux Integer underflow / arbitrary null write in fread/gzread stas
72135
(edit)		 2016-05-01 18:47 UTC 2016-05-26 21:04 UTC Sec Bug Closed 5.5.35 * Integer Overflow in php_html_entities() stas
72268
(edit)		 2016-05-26 15:53 UTC 2016-07-07 09:34 UTC Sec Bug Closed 5.5.36   Integer Overflow in nl2br() stas
72400
(edit)		 2016-06-14 09:41 UTC 2016-06-21 06:46 UTC Sec Bug Closed 5.5.36   Integer Overflow in addcslashes/addslashes stas
72403
(edit)		 2016-06-14 12:24 UTC 2016-06-27 19:23 UTC Sec Bug Closed 5.5.36   Integer Overflow in Length of String-typed ZVAL stas
72433
(edit)		 2016-06-16 14:37 UTC 2016-06-23 12:51 UTC Sec Bug Closed 5.5.36 * Use After Free Vulnerability in PHP's GC algorithm and unserialize dmitry
  Showing 1-30 of 1336 Show Next 30 Entries »
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon May 19 17:01:27 2025 UTC