php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

« Show Previous 30 Entries Showing 31-60 of 392 Show Next 30 Entries »
ID# Date Last Modified Package Type Status PHP Version OS Summary Assigned
70365
(edit)		 2015-08-27 10:44 UTC 2015-09-09 10:08 UTC *General Issues Sec Bug Closed 5.6.12 * yet another use-after-free vulnerability in unserialize() with SplObjectStorage stas
70366
(edit)		 2015-08-27 10:49 UTC 2015-09-09 10:08 UTC *General Issues Sec Bug Closed 5.6.12 * yet another use-after-free vulnerability in unserialize() with SplDoublyLinkedL stas
70436
(edit)		 2015-09-06 14:14 UTC 2016-08-17 06:39 UTC *General Issues Sec Bug Closed 5.6.24 * Use After Free Vulnerability in unserialize() stas
70513
(edit)		 2015-09-16 16:39 UTC 2017-01-16 13:29 UTC *General Issues Sec Bug Closed 5.6.13 * GMP Deserialization Type Confusion Vulnerability nikic
71039
(edit)		 2015-12-05 22:00 UTC 2016-02-02 03:17 UTC *General Issues Sec Bug Closed 5.6.16 All exec functions ignore length but look for NULL termination jpauli
71637
(edit)		 2016-02-20 12:21 UTC 2016-04-28 17:02 UTC *General Issues Sec Bug Closed 7.0.3   Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes stas
71798
(edit)		 2016-03-11 11:37 UTC 2016-04-25 07:00 UTC *General Issues Sec Bug Closed 5.5.33   Integer Overflow in php_raw_url_encode stas
72114
(edit)		 2016-04-27 23:51 UTC 2016-05-26 21:03 UTC *General Issues Sec Bug Closed 5.5.35 Linux Integer underflow / arbitrary null write in fread/gzread stas
72135
(edit)		 2016-05-01 18:47 UTC 2016-05-26 21:04 UTC *General Issues Sec Bug Closed 5.5.35 * Integer Overflow in php_html_entities() stas
72268
(edit)		 2016-05-26 15:53 UTC 2016-07-07 09:34 UTC *General Issues Sec Bug Closed 5.5.36   Integer Overflow in nl2br() stas
72400
(edit)		 2016-06-14 09:41 UTC 2016-06-21 06:46 UTC *General Issues Sec Bug Closed 5.5.36   Integer Overflow in addcslashes/addslashes stas
72403
(edit)		 2016-06-14 12:24 UTC 2016-06-27 19:23 UTC *General Issues Sec Bug Closed 5.5.36   Integer Overflow in Length of String-typed ZVAL stas
72433
(edit)		 2016-06-16 14:37 UTC 2016-06-23 12:51 UTC *General Issues Sec Bug Closed 5.5.36 * Use After Free Vulnerability in PHP's GC algorithm and unserialize dmitry
72434
(edit)		 2016-06-16 14:41 UTC 2016-06-23 12:51 UTC *General Issues Sec Bug Closed 5.5.36 * ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unseria dmitry
72663
(edit)		 2016-07-24 02:09 UTC 2016-09-05 15:28 UTC *General Issues Sec Bug Closed 5.6.24   Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization stas
72731
(edit)		 2016-08-02 11:27 UTC 2017-01-16 13:29 UTC *General Issues Sec Bug Closed 5.6.24   Type Confusion in Object Deserialization nikic
72978
(edit)		 2016-08-30 15:56 UTC 2016-12-13 11:52 UTC *General Issues Sec Bug Closed 7.0.10   Use After Free in PHP7 unserialize() stas
73052
(edit)		 2016-09-09 03:07 UTC 2016-09-16 13:36 UTC *General Issues Sec Bug Closed 5.6.25   Memory Corruption in During Deserialized-object Destruction stas
73091
(edit)		 2016-09-15 15:20 UTC 2016-10-11 23:51 UTC *General Issues Sec Bug Closed 7.0.11   Unserializing DateInterval object may lead to __toString invocation stas
73092
(edit)		 2016-09-15 15:24 UTC 2017-01-16 11:47 UTC *General Issues Sec Bug Closed 7.1.0RC1   Unserialize use-after-free when resizing object's properties hash table nikic
73147
(edit)		 2016-09-23 13:22 UTC 2016-11-02 09:25 UTC *General Issues Sec Bug Closed 5.6.26   Use After Free in unserialize() stas
73367
(edit)		 2016-10-21 15:52 UTC 2017-01-16 11:36 UTC *General Issues Sec Bug Closed 5.6.27   Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization nikic
73722
(edit)		 2016-12-12 11:29 UTC 2017-02-13 01:57 UTC *General Issues Sec Bug Closed 7.1.0   Files blocked as potential virus by AVG stas
73832
(edit)		 2016-12-29 15:03 UTC 2017-01-20 19:18 UTC *General Issues Sec Bug Closed 7.0.14 Arch Linux Use of uninitialized memory in unserialize() stas
73891
(edit)		 2017-01-08 21:20 UTC 2017-01-10 00:19 UTC *General Issues Sec Bug Closed 7.1.0 BSD open_basedir bypass through glob:// protocol pollita
74194
(edit)		 2017-03-02 07:55 UTC 2017-08-12 19:01 UTC *General Issues Sec Bug Closed 7.1Git-2017-03-02 (Git) Test on Ubuntu 16.04 x64 a heap-buffer-overflow when serializing ArrayObject nikic
74614
(edit)		 2017-05-18 15:22 UTC 2017-07-04 19:33 UTC *General Issues Sec Bug Closed 7.0.20 * Use-after-free in PHP7's unserialize() stas
76459
(edit)		 2018-06-11 22:51 UTC 2018-08-15 13:54 UTC *General Issues Sec Bug Closed 7.2.6 Windows windows linkinfo lacks openbasedir check ab
71459
(edit)		 2016-01-27 00:56 UTC 2016-02-02 03:17 UTC *Graphics related Sec Bug Closed 5.5.31 * Integer overflow in iptcembed() stas
77821
(edit)		 2019-03-29 10:09 UTC 2019-04-30 05:08 UTC *Mail Related Sec Bug Closed 7.1 Windows Potential heap corruption in TSendMail() ab
« Show Previous 30 Entries Showing 31-60 of 392 Show Next 30 Entries »
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat May 18 02:01:33 2024 UTC