php group Summary

Latest vulnerabilities published by php group

JSON RSS CSV 🔔 Create Alert Trigger

13 July 2025

Escaping Function Flaw in PHP Impacts PostgreSQL Integration
CVE-2025-1735
PHP GroupPHP7.5HIGH
Insufficient Validation in PHP Functions Exposes Users to Security Risks
CVE-2025-1220
PHP GroupPHP5.3MEDIUM
Null Pointer Dereference Vulnerability in PHP SOAP Extensions
CVE-2025-6491
PHP GroupPHP5.9MEDIUM

4 April 2025

Use-After-Free Vulnerability in PHP Products by PHP Group
CVE-2024-11235
PHP GroupPHP9.2CRITICAL

30 March 2025

Buffer Limit Vulnerability in PHP Affects Multiple Versions
CVE-2025-1861
PHP GroupPHP6.3MEDIUM
Insufficient Validation of User-Supplied Headers in PHP
CVE-2025-1736
PHP GroupPHP6.3MEDIUM
Invalid Header Handling Vulnerability in PHP Products
CVE-2025-1734
PHP GroupPHP6.3MEDIUM
Improper Content-Type Handling in PHP Affecting Multiple Versions
CVE-2025-1219
PHP GroupPHP👾📰6.3MEDIUM

29 March 2025

Malformed HTTP Response Vulnerability in PHP Products
CVE-2025-1217
PHP GroupPHP6.3MEDIUM

12 February 2025

SQL Injection Risk in PHP SQLite Driver for PHP Versions
CVE-2022-31631
PHP GroupPHP9.1CRITICAL

24 November 2024

Buffer Overread Vulnerabilities in PHP Could Lead to Crashes or Memory Disclosure
CVE-2024-11233
PHP GroupPHP8.2HIGH

22 November 2024

PHP Versions Before 8.3.14 Vulnerable to MySQL Server Attack
CVE-2024-8929
PHP GroupPHP5.8MEDIUM
Uncontrolled Long String Inputs Can Cause Integer Overflow and Out-of-Bounds Write in PHP
CVE-2024-8932
PHP GroupPHP9.8CRITICAL

8 October 2024

Vulnerability in PHP-FPM Allow Remote Attackers to Manipulate Log Messages and Remove Up to 4 Characters
CVE-2024-9026
PHP GroupPHP3.3LOW
HTTP_REDIRECT_STATUS variable manipulation can lead to arbitrary file inclusion in PHP
CVE-2024-8927
PHP GroupPHP7.5HIGH
CVE-2024-4577 Vulnerability in PHP Could Allow Command Injection and Source Code Revelation
CVE-2024-8926
PHP GroupPHP8.8HIGH
Erroneous Parsing of Multipart Form Data in PHP Could Lead to Data Tampering
CVE-2024-8925
PHP GroupPHP5.3MEDIUM

9 June 2024

OpenSSL Private Decrypt Vulnerability
CVE-2024-2408
PHP GroupPHP5.9MEDIUM
PHP CGI Module Vulnerability Allows Malicious User to Reveal Source Code and Run Arbitrary PHP Code on Server
CVE-2024-4577
PHP GroupPHP🥇📈💰👾🟡EPSS 94%🦅📰9.8CRITICAL
PHP Versions Before 8.3.8 Vulnerable to URL Filtering Error
CVE-2024-5458
PHP GroupPHP5.3MEDIUM
Trailing spaces in command names can lead to arbitrary command execution in PHP
CVE-2024-5585
PHP GroupPHP7.7HIGH

29 April 2024

Arbitrary Command Execution Vulnerability in PHP Proc Open Function
CVE-2024-1874
PHP GroupPHP👾🟡EPSS 54%📰9.4CRITICAL
Network and Same-Site Attackers Can Set Insecure Cookies in Victim's Browser
CVE-2024-2756
PHP GroupPHP📰6.5MEDIUM
Endless Loop in mb_encode_mimeheader Function Could Lead to DoS Attack
CVE-2024-2757
PHP GroupPHP7.5HIGH
Blank Password String Can Trigger False Positive Matches in PHP password_verify()
CVE-2024-3096
PHP GroupPHP💰👾📰6.5MEDIUM

php group Summary

Vulnerability Published:

Sort By:

13 July 2025

Escaping Function Flaw in PHP Impacts PostgreSQL Integration

Insufficient Validation in PHP Functions Exposes Users to Security Risks

Null Pointer Dereference Vulnerability in PHP SOAP Extensions

4 April 2025

Use-After-Free Vulnerability in PHP Products by PHP Group

30 March 2025

Buffer Limit Vulnerability in PHP Affects Multiple Versions

Insufficient Validation of User-Supplied Headers in PHP

Invalid Header Handling Vulnerability in PHP Products

Improper Content-Type Handling in PHP Affecting Multiple Versions

29 March 2025

Malformed HTTP Response Vulnerability in PHP Products

12 February 2025

SQL Injection Risk in PHP SQLite Driver for PHP Versions

24 November 2024

Buffer Overread Vulnerabilities in PHP Could Lead to Crashes or Memory Disclosure

22 November 2024

PHP Versions Before 8.3.14 Vulnerable to MySQL Server Attack

Uncontrolled Long String Inputs Can Cause Integer Overflow and Out-of-Bounds Write in PHP

8 October 2024

Vulnerability in PHP-FPM Allow Remote Attackers to Manipulate Log Messages and Remove Up to 4 Characters

HTTP_REDIRECT_STATUS variable manipulation can lead to arbitrary file inclusion in PHP

CVE-2024-4577 Vulnerability in PHP Could Allow Command Injection and Source Code Revelation

Erroneous Parsing of Multipart Form Data in PHP Could Lead to Data Tampering

9 June 2024

OpenSSL Private Decrypt Vulnerability

PHP CGI Module Vulnerability Allows Malicious User to Reveal Source Code and Run Arbitrary PHP Code on Server

PHP Versions Before 8.3.8 Vulnerable to URL Filtering Error

Trailing spaces in command names can lead to arbitrary command execution in PHP

29 April 2024

Arbitrary Command Execution Vulnerability in PHP Proc Open Function

Network and Same-Site Attackers Can Set Insecure Cookies in Victim's Browser

Endless Loop in mb_encode_mimeheader Function Could Lead to DoS Attack

Blank Password String Can Trigger False Positive Matches in PHP password_verify()