php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 392 Show Next 30 Entries »
ID# Date Last Modified Package Type Status PHP Version OS Summary Assigned
67390
(edit)		 2014-06-06 12:12 UTC 2014-06-06 22:52 UTC *Compile Issues Sec Bug Closed 5.4.29 irrevelant insecure temporary file use in the configure script remi
68594
(edit)		 2014-12-12 03:21 UTC 2014-12-19 09:44 UTC *Data Exchange functions Sec Bug Closed 5.4.35 * Use after free vulnerability in unserialize() stas
74101
(edit)		 2017-02-15 10:53 UTC 2017-08-23 13:47 UTC *Data Exchange functions Sec Bug Closed 7.1.2RC1 Linux (4.4.0-59-generic) Unserialize Heap Use-After-Free (READ: 1) in zval_get_type ab
74103
(edit)		 2017-02-15 19:06 UTC 2017-08-18 17:18 UTC *Data Exchange functions Sec Bug Closed 7.1.2RC1 Linux (4.4.0-59-generic) heap-use-after-free when unserializing invalid array size nikic
74111
(edit)		 2017-02-16 15:04 UTC 2017-08-23 13:47 UTC *Data Exchange functions Sec Bug Closed 7.1.2RC1 Linux (4.4.0-59-generic) Heap buffer overread (READ: 1) finish_nested_data from unserialize stas
61504
(edit)		 2012-03-25 12:49 UTC 2012-04-06 13:31 UTC *Directory/Filesystem functions Sec Bug Closed Irrelevant all Potential vulnerability in fileinfo ext ab
68735
(edit)		 2015-01-03 17:48 UTC 2015-03-19 16:20 UTC *Directory/Filesystem functions Sec Bug Closed 5.4.* any fileinfo out-of-bounds memory access ab
69418
(edit)		 2015-04-10 12:46 UTC 2015-05-19 05:34 UTC *Directory/Filesystem functions Sec Bug Closed 5.5.23   CVE-2006-7243 fix regressions in 5.4+ laruence
81746
(edit)		 2023-01-20 22:19 UTC 2023-02-13 04:40 UTC *Directory/Filesystem functions Sec Bug Closed 8.0.27 Linux 1-byte array overrun in common path resolve code stas
64449
(edit)		 2013-03-18 22:25 UTC 2020-06-24 12:07 UTC *Encryption and hash functions Sec Bug Closed 5.4.13 Linux crypt doesn't fail on "$" in CRYPT_DES salt nikic
78269
(edit)		 2019-07-10 09:15 UTC 2019-07-10 16:15 UTC *Encryption and hash functions Sec Bug Closed 7.2.20 irrevelant password_hash uses weak options for argon2  
78510
(edit)		 2019-09-07 17:29 UTC 2019-09-09 13:36 UTC *Encryption and hash functions Sec Bug Closed 7.3.9 Any Partially uninitialized buffer returned by sodium_crypto_generichash_init() cmb
81744
(edit)		 2023-01-05 12:52 UTC 2023-02-13 04:40 UTC *Encryption and hash functions Sec Bug Closed 8.2.0   Password_verify() always return true with some hash stas
54681
(edit)		 2011-05-07 00:58 UTC 2011-08-22 11:44 UTC *General Issues Sec Bug Closed 5.3.6 NetBSD addGlob() crashes on invalid flags pajoye
60262
(edit)		 2011-11-11 11:46 UTC 2018-12-18 01:27 UTC *General Issues Sec Bug Closed 5.4.0RC1   multiple flaws memory_limit bypass, dos, code exec stas
67249
(edit)		 2014-05-12 01:35 UTC 2014-05-27 19:21 UTC *General Issues Sec Bug Closed 5.4.28 * printf out-of-bounds read stas
68027
(edit)		 2014-09-16 09:42 UTC 2014-10-14 17:41 UTC *General Issues Sec Bug Closed 5.6.0 Ubuntu 14.04.1 LTS 64bit AddressSanitizer reports a global buffer overflow in mkgmtime() function.  
68089
(edit)		 2014-09-24 11:59 UTC 2014-10-14 17:41 UTC *General Issues Sec Bug Closed 5.6.0 Ubuntu 14.04 LTS NULL byte injection - cURL lib  
68976
(edit)		 2015-02-03 06:18 UTC 2015-03-31 05:51 UTC *General Issues Sec Bug Closed 5.6.5 * Use After Free Vulnerability in unserialize() stas
69353
(edit)		 2015-04-02 06:39 UTC 2016-02-11 12:57 UTC *General Issues Sec Bug Closed 5.6.7 N/A Missing null byte checks for paths in various PHP extensions stas
69425
(edit)		 2015-04-11 01:55 UTC 2017-01-16 13:29 UTC *General Issues Sec Bug Closed 5.4.39   Use After Free in unserialize() nikic
69719
(edit)		 2015-05-28 12:00 UTC 2016-02-11 12:48 UTC *General Issues Sec Bug Closed 5.6.9   Incorrect handling of paths with NULs, related to bug 69353 stas
70121
(edit)		 2015-07-23 21:40 UTC 2015-08-04 22:21 UTC *General Issues Sec Bug Closed Irrelevant Ubuntu x86_64 unserialize() could lead to unexpected methods execution / NULL pointer deref  
70155
(edit)		 2015-07-27 14:37 UTC 2015-08-16 22:15 UTC *General Issues Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SPLArrayObject stas
70166
(edit)		 2015-07-29 13:28 UTC 2015-09-09 10:05 UTC *General Issues Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SPLArrayObject stas
70168
(edit)		 2015-07-30 10:52 UTC 2015-09-09 10:05 UTC *General Issues Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SplObjectStorage stas
70169
(edit)		 2015-07-30 11:11 UTC 2015-09-09 10:05 UTC *General Issues Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() with SplDoublyLinkedList stas
70172
(edit)		 2015-07-31 01:38 UTC 2016-10-23 19:47 UTC *General Issues Sec Bug Closed 5.4.43 * Use After Free Vulnerability in unserialize() stas
70219
(edit)		 2015-08-09 10:30 UTC 2015-09-09 10:08 UTC *General Issues Sec Bug Closed 5.4.44 * Use after free vulnerability in session deserializer stas
70284
(edit)		 2015-08-17 17:07 UTC 2015-09-01 19:11 UTC *General Issues Sec Bug Closed 5.6.12 * Use after free vulnerability in unserialize() with GMP stas
  Showing 1-30 of 392 Show Next 30 Entries »
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 03 18:01:34 2024 UTC