php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 392 Show Next 30 Entries »
ID# Date Last Modified Package Type Status PHP Version OS Summary Assigned
70312
(edit)		 2015-08-20 15:00 UTC 2015-08-30 13:17 UTC hash related Sec Bug Closed 5.4.44 Windows/linux HAVAL gives wrong hashes in specific cases  
70345
(edit)		 2015-08-24 17:31 UTC 2015-09-01 18:44 UTC PCRE related Sec Bug Closed 5.4 Windows/Linux Multiple vulnerabilities related to PCRE functions  
77509
(edit)		 2019-01-23 16:18 UTC 2019-03-12 19:55 UTC EXIF related Sec Bug Closed 7.1.26 Windows, Linux 32bit Uninitialized read in exif_process_IFD_in_TIFF stas
77540
(edit)		 2019-01-29 13:17 UTC 2019-03-12 19:55 UTC EXIF related Sec Bug Closed 7.1.26 Windows, Linux Invalid Read on exif_process_SOFn stas
77563
(edit)		 2019-02-04 07:50 UTC 2019-03-08 23:58 UTC EXIF related Sec Bug Closed 7.1.26 Windows, Linux Uninitialized read in exif_process_IFD_in_MAKERNOTE stas
77659
(edit)		 2019-02-23 13:50 UTC 2019-03-12 19:56 UTC EXIF related Sec Bug Closed 7.3.2 Windows, Linux Uninitialized read in exif_process_IFD_in_MAKERNOTE stas
77973
(edit)		 2019-05-05 10:29 UTC 2019-06-21 00:18 UTC GD related Sec Bug Closed 7.1.29 Windows, Linux Uninitialized read in gdImageCreateFromXbm stas
70019
(edit)		 2015-07-08 09:33 UTC 2015-09-09 10:01 UTC PHAR related Sec Bug Closed 5.6.10 Windows 7 64bit, OSX 10.10 Files extracted from archive may be placed outside of destination directory stas
55749
(edit)		 2011-09-21 04:53 UTC 2011-09-30 17:11 UTC Unknown/Other Function Sec Bug Closed trunk-SVN-2011-09-21 (SVN) Windows TOCTOU issue in getenv() on Windows builds pajoye
69033
(edit)		 2015-02-12 04:31 UTC 2015-03-17 23:55 UTC Scripting Engine problem Sec Bug Closed 5.5.21 Windows Request may get env. variables from previous requests if PHP works as FastCGI ab
69134
(edit)		 2015-02-27 05:06 UTC 2015-03-17 23:55 UTC PHP options/info functions Sec Bug Closed 5.5.22 Windows Per Directory Values overrides PHP_INI_SYSTEM configuration options ab
69646
(edit)		 2015-05-15 23:12 UTC 2015-06-18 12:31 UTC Program Execution Sec Bug Closed Irrelevant Windows OS command injection vulnerability in escapeshellarg ab
69768
(edit)		 2015-06-07 18:01 UTC 2015-07-10 14:45 UTC Program Execution Sec Bug Closed 5.6.9 Windows escapeshell*() doesn't cater to ! cmb
74206
(edit)		 2017-03-04 22:30 UTC 2017-10-16 03:04 UTC Unknown/Other Function Sec Bug Closed Irrelevant Windows escapeshellarg PHP function bypass stas
74207
(edit)		 2017-03-04 22:49 UTC 2017-10-16 03:04 UTC Unknown/Other Function Sec Bug Closed Irrelevant Windows escapeshellcmd PHP function bypass pollita
76459
(edit)		 2018-06-11 22:51 UTC 2018-08-15 13:54 UTC *General Issues Sec Bug Closed 7.2.6 Windows windows linkinfo lacks openbasedir check ab
77821
(edit)		 2019-03-29 10:09 UTC 2019-04-30 05:08 UTC *Mail Related Sec Bug Closed 7.1 Windows Potential heap corruption in TSendMail() ab
78862
(edit)		 2019-11-23 09:23 UTC 2019-12-16 19:01 UTC Filesystem function related Sec Bug Closed 7.3.12 Windows link() silently truncates after a null byte on Windows stas
78878
(edit)		 2019-11-28 15:03 UTC 2019-12-16 19:01 UTC BC math related Sec Bug Closed 7.4.0 Windows Buffer underflow in bc_shift_addsub stas
78943
(edit)		 2019-12-10 17:12 UTC 2019-12-16 19:08 UTC *Mail Related Sec Bug Closed 7.3.13RC1 Windows mail() may release string with refcount==1 twice stas
79171
(edit)		 2020-01-26 15:03 UTC 2020-02-17 08:23 UTC PHAR related Sec Bug Closed 7.3Git-2020-01-26 (Git) Windows heap-buffer-overflow in phar_extract_file stas
81420
(edit)		 2021-09-06 14:20 UTC 2021-09-21 04:36 UTC Zip Related Sec Bug Closed 7.3 Windows ZipArchive::extractTo may extract outside of destination dir stas
61910
(edit)		 2012-05-02 17:56 UTC 2012-05-09 21:37 UTC CGI/CLI related Sec Bug Closed 5.4.1 Unix VU#520827 - PHP-CGI query string parameter vulnerability johannes
71498
(edit)		 2016-02-02 16:48 UTC 2016-03-02 06:38 UTC PHAR related Sec Bug Closed 5.5.32 Unix Out-of-Bound Read in phar_parse_zipfile() stas
74087
(edit)		 2017-02-12 09:32 UTC 2017-07-05 04:12 UTC PCRE related Sec Bug Closed 7.1.1 Ubuntu16.04LTS Segmentation fault in PHP7.1.1(compiled using the bundled PCRE library)  
76249
(edit)		 2018-04-22 15:18 UTC 2018-04-29 20:47 UTC Streams related Sec Bug Closed 7.0.29 ubuntu/xenial x64 stream filter convert.iconv leads to infinite loop on invalid sequence stas
81726
(edit)		 2022-07-19 14:30 UTC 2022-09-29 18:58 UTC PHAR related Sec Bug Closed 7.4.30 ubuntu-20.04 phar wrapper can occur dos when using quine gzip file stas
69403
(edit)		 2015-04-09 06:24 UTC 2015-05-12 19:39 UTC Strings related Sec Bug Closed 5.4.40 Ubuntu x86_64 str_repeat() sign mismatch based memory corruption stas
69793
(edit)		 2015-06-10 16:42 UTC 2015-08-04 22:20 UTC Class/Object related Sec Bug Closed Irrelevant Ubuntu x86_64 Remotely triggerable stack exhaustion via recursive method calls  
70081
(edit)		 2015-07-15 11:41 UTC 2023-12-31 10:07 UTC SOAP related Sec Bug Closed Irrelevant Ubuntu x86_64 Hidden because of SPAM ondrej
  Showing 1-30 of 392 Show Next 30 Entries »
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue May 21 15:01:34 2024 UTC