Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how php compares to other vendors in security performance

View Risk Score →

PHP PHPNULL pointer dereference in SOAP apache:Map decoder with missing <value>

Risk 31
Severity
2.9
EPSS
0.11%
First published (updated )
CVE-2026-7262

PHP PHPNull pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

Risk 27
Severity
2.1
EPSS
0.05%
First published (updated )
CVE-2026-7259

npm/uriparseruriparser 1.0.0 fixes CVE-2025-67899 (DoS, CWE-674)

Risk 17
Severity
2.9
First published (updated )
CVE-2025-67899

PHP PHPIn PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 s…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2379792

PHP PHPIn PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SA…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2317144
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PHP PHPPHP-FPM logs from children may be altered

Risk 14
Severity
3.3
EPSS
0.04%
First published (updated )
CVE-2024-9026

PHP PHPCVE-2023-0567[0]: PHP: Password_verify() always return true with some hash [0] https://security-tra…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2170771

PHP PHPAn issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x befo…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1685404

PHP php-fpmIt was reported that php-fpm package is vulnerable to symlink attack: # ls -lad /var/log/php-fpm dr…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1228721

PHP pcre extensionIt was reported that pcre_exec in PHP pcre extension partially initialize a buffer when an invalid r…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1187225
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

debian/php5The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrar…

Risk 25
Severity
3.6
First published (updated )
CVE-2014-5459

PHP PHPInfoleak

Risk 15
Severity
2.6
First published (updated )
CVE-2014-4721

PHP PHPacinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overw…

Risk 22
Severity
3.3
First published (updated )
CVE-2014-3981

PHP PHPIt was reported[1] to the full-disclosure mailing list that PHP's configure script uses a predictabl…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1104978

PHP PHPOn http://git.php.net/?p=php-src.git;a=blob;f=ext/soap/php_sdl.c;h=0ac4c2ed7a9bf87bb454db58ae3d969ee…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1009103
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PHP PHPpdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly…

Risk 15
Severity
2.6
First published (updated )
CVE-2012-3450

PHP PHPA security flaw was found in the way the com_print_typeinfo() routine of the PHP scripting language …

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-823464

PHP PHPIt was reported that ZipArchive() would segfault when opening an empty archive with the FL_UNCHANGED…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-688735

PHP pearThe installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink att…

Risk 22
Severity
3.3
First published (updated )
CVE-2011-1072

PHP pearThe installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlin…

Risk 22
Severity
3.3
First published (updated )
CVE-2011-1144
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PHP Exif extensionInput Validation, Integer Overflow

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-680972

PHP PHPKees Cook reported an information leak flaw in the PHP's XMLWriter, triggered by an invalid UTF-8 st…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-673101

PHP PHP IMAP extensionMateusz Kocielski reported a deficiency in the way PHP IMAP extension processed provided user creden…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-656917

PHP PHPThe upstream PHP 5.2.14 and 5.3.3 releases corrected an information disclosure flaw where the var_ex…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-617673

PHP PHPPHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior …

Risk 13
Severity
2.1
First published (updated )
CVE-2009-0754
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

PHP PHPXSS

Risk 15
Severity
2.6
First published (updated )
CVE-2008-5814

PHP PHPInput Validation

Risk 13
Severity
2.1
First published (updated )
CVE-2007-6039

PHP PHPThe imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which…

Risk 13
Severity
2.1
First published (updated )
CVE-2006-7204

PHP PHPThe mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x …

Risk 15
Severity
2.6
First published (updated )
CVE-2007-2727

PHP PHPInput Validation, CRLF Injection

Risk 15
Severity
2.6
First published (updated )
CVE-2007-2509
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203