Php

Php

725 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 12.65%
  • Veröffentlicht 27.05.2010 22:30:01
  • Zuletzt bearbeitet 16.06.2026 23:19:58

Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properl...

Exploit
  • EPSS 1.91%
  • Veröffentlicht 27.05.2010 22:30:01
  • Zuletzt bearbeitet 16.06.2026 23:19:58

The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption o...

Exploit
  • EPSS 1.43%
  • Veröffentlicht 12.05.2010 11:46:40
  • Zuletzt bearbeitet 16.06.2026 23:19:34

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_funct...

  • EPSS 1.08%
  • Veröffentlicht 12.05.2010 11:46:40
  • Zuletzt bearbeitet 16.06.2026 23:19:34

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by...

Exploit
  • EPSS 3.01%
  • Veröffentlicht 12.05.2010 11:46:40
  • Zuletzt bearbeitet 16.06.2026 23:19:35

Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.

Exploit
  • EPSS 1.19%
  • Veröffentlicht 07.05.2010 23:00:01
  • Zuletzt bearbeitet 16.06.2026 23:19:28

The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call,...

Exploit
  • EPSS 1%
  • Veröffentlicht 07.05.2010 23:00:01
  • Zuletzt bearbeitet 16.06.2026 23:19:28

The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which tr...

Exploit
  • EPSS 1.19%
  • Veröffentlicht 07.05.2010 23:00:01
  • Zuletzt bearbeitet 16.06.2026 23:19:28

The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass b...

Exploit
  • EPSS 1.19%
  • Veröffentlicht 07.05.2010 23:00:01
  • Zuletzt bearbeitet 16.06.2026 23:19:28

The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass b...

Exploit
  • EPSS 6.72%
  • Veröffentlicht 07.05.2010 23:00:01
  • Zuletzt bearbeitet 16.06.2026 23:19:29

The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a sig...