Логотип exploitDog
product: "php"
Консоль
Логотип exploitDog

exploitDog

product: "php"
PHP

PHPпопулярный язык сценариев общего назначения, особенно подходящий для веб-разработки.

Релизный цикл, информация об уязвимостях

Продукт: PHP
Вендор: php

График релизов

8.18.28.38.4202120222023202420252026202720282029

Недавние уязвимости PHP

Количество 3 799

nvd логотип

CVE-2007-4784

почти 18 лет назад

The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-4783

почти 18 лет назад

The iconv_substr function in PHP 5.2.4 and earlier allows context-depe ...

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-4782

почти 18 лет назад

PHP before 5.2.3 allows context-dependent attackers to cause a denial ...

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-4784

почти 18 лет назад

The setlocale function in PHP before 5.2.4 allows context-dependent at ...

CVSS2: 5
EPSS: Низкий
ubuntu логотип

CVE-2007-4782

почти 18 лет назад

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*[1]e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-4670

почти 18 лет назад

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-4670

почти 18 лет назад

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and a ...

CVSS2: 5
EPSS: Низкий
ubuntu логотип

CVE-2007-4670

почти 18 лет назад

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-4657

почти 18 лет назад

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4660

почти 18 лет назад

Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.

CVSS2: 7.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2007-4784

The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.

CVSS2: 5
1%
Низкий
почти 18 лет назад
debian логотип
CVE-2007-4783

The iconv_substr function in PHP 5.2.4 and earlier allows context-depe ...

CVSS2: 5
1%
Низкий
почти 18 лет назад
debian логотип
CVE-2007-4782

PHP before 5.2.3 allows context-dependent attackers to cause a denial ...

CVSS2: 5
3%
Низкий
почти 18 лет назад
debian логотип
CVE-2007-4784

The setlocale function in PHP before 5.2.4 allows context-dependent at ...

CVSS2: 5
1%
Низкий
почти 18 лет назад
ubuntu логотип
CVE-2007-4782

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*[1]e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.

CVSS2: 5
3%
Низкий
почти 18 лет назад
nvd логотип
CVE-2007-4670

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.

CVSS2: 5
3%
Низкий
почти 18 лет назад
debian логотип
CVE-2007-4670

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and a ...

CVSS2: 5
3%
Низкий
почти 18 лет назад
ubuntu логотип
CVE-2007-4670

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.

CVSS2: 5
3%
Низкий
почти 18 лет назад
nvd логотип
CVE-2007-4657

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.

CVSS2: 7.5
2%
Низкий
почти 18 лет назад
nvd логотип
CVE-2007-4660

Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.

CVSS2: 7.5
2%
Низкий
почти 18 лет назад

Уязвимостей на страницу


Поделиться