| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9118 | 5.0 |
PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.
|
29-08-2022 - 19:43 | 02-08-2018 - 15:29 | |
| CVE-2017-9120 | 7.5 |
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
|
20-07-2022 - 16:39 | 02-08-2018 - 15:29 | |
| CVE-2018-14883 | 5.0 |
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
|
24-08-2020 - 17:37 | 03-08-2018 - 13:29 | |
| CVE-2018-14851 | 4.3 |
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG
|
19-08-2019 - 11:15 | 02-08-2018 - 19:29 | |
| CVE-2018-14884 | 5.0 |
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value
|
19-08-2019 - 11:15 | 03-08-2018 - 13:29 | |
| CVE-2018-15132 | 5.0 |
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files
|
08-03-2019 - 13:30 | 07-08-2018 - 15:29 |