Astra Linux - уязвимость в php7.3

In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21, and 8.0.x below 8.0.8, when using URL validation functionality via the filterVar function with the FILTERVALIDATEURL parameter, a URL with an invalid password field can be accepted as valid. This can cause the code to incorrectly parse the U...

EUVD-2015-3456

Malware in sbrugna...

PT-2025-28036

Name of the Vulnerable Software and Affected Versions PHP versions prior to 8.1.33 PHP versions prior to 8.2.29 PHP versions prior to 8.3.23 PHP versions prior to 8.4.10 PHP 7.4 affected versions not specified PHP 8.2 affected versions not specified Description PHP versions 8.1. before 8.1.33, 8....

PHP 资源管理错误漏洞

PHP is a scripting language for PHP that executes server-side. A resource management error vulnerability exists in PHP versions 8.0.X prior to 8.0.28, 8.1.X prior to 8.1.16, and 8.2.X prior to 8.2.3, which stems from the fact that too many uploaded portions of an HTTP form can lead to a denial of...

SUSE CVE-2019-11035

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifiifaddvalue function. This may lead to information disclosure or crash...

CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII...

PHP DateTime Use-After-Free

Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...