| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2483 | 5.0 |
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext passwo
|
25-10-2023 - 20:23 | 25-08-2011 - 14:22 | |
| CVE-2011-4566 | 6.4 |
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_v
|
29-08-2022 - 20:11 | 29-11-2011 - 00:55 | |
| CVE-2012-0057 | 6.4 |
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
|
18-01-2018 - 02:29 | 02-02-2012 - 00:55 | |
| CVE-2011-4885 | 5.0 |
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
|
09-01-2018 - 02:29 | 30-12-2011 - 01:55 | |
| CVE-2011-1938 | 7.5 |
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
|
17-08-2017 - 01:34 | 31-05-2011 - 20:55 |