Vulnerabilidades em PHP Group
88 resultadosCVE-2024-4577CRITICALArgument Injection in PHP-CGIEPSS 100.0%KEVCVE-2022-31626HIGHmysqlnd/pdo password buffer overflowEPSS 58.4%CVE-2022-31629MEDIUM$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilitiesEPSS 49.3%CVE-2024-2756MEDIUM__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fixEPSS 37.9%CVE-2024-1874CRITICALCommand injection via array-ish $command parameter of proc_open()EPSS 32.6%CVE-2024-5585HIGHCommand injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)EPSS 28.8%CVE-2021-21707MEDIUMSpecial characters break path parsing in XML functionsEPSS 26.0%CVE-2024-5458MEDIUMFilter bypass in filter_var (FILTER_VALIDATE_URL)EPSS 12.1%CVE-2020-7060MEDIUMglobal buffer-overflow in mbfl_filt_conv_big5_wcharEPSS 8.9%CVE-2019-11045LOWDirectoryIterator class silently truncates after a null byteEPSS 8.8%CVE-2023-3824CRITICALBuffer overflow and overread in phar_dir_read()EPSS 8.0%CVE-2019-11050MEDIUMUse-after-free in exif parsing under memory sanitizerEPSS 7.4%CVE-2020-7059MEDIUMOOB read in php_strip_tags_exEPSS 7.4%CVE-2019-11047MEDIUMHeap-buffer-overflow READ in exifEPSS 7.3%CVE-2019-11036MEDIUMHeap over-read in PHP EXIF extensionEPSS 6.8%CVE-2019-11048MEDIUMTemporary files are not cleaned after OOM when parsing HTTP request dataEPSS 6.3%CVE-2019-11044LOWlink() silently truncates after a null byte on WindowsEPSS 5.1%CVE-2020-7070MEDIUMPHP parses encoded cookie names so malicious `__Host-` cookies can be sentEPSS 5.0%CVE-2020-7065HIGHmb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_fullEPSS 4.7%CVE-2019-11041MEDIUMheap-buffer-overflow on exif_scan_thumbnail in EXIF extensionEPSS 4.4%