The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of PHP

PHP: information disclosure via __Host- Cookie Names
An attacker can bypass access restrictions to data via __Host- Cookie Names of PHP, in order to obtain sensitive information...
CERTFR-2020-AVI-615, CVE-2020-7070, DLA-2397-1, FEDORA-2020-4fe6b116e5, FEDORA-2020-94763cb98b, openSUSE-SU-2020:1703-1, openSUSE-SU-2020:1767-1, SUSE-SU-2020:14516-1, SUSE-SU-2020:2894-1, SUSE-SU-2020:2896-1, SUSE-SU-2020:2920-1, SUSE-SU-2020:2941-1, SUSE-SU-2020:2943-1, SUSE-SU-2020:2997-1, USN-4583-1, USN-4583-2, VIGILANCE-VUL-33467
PHP: information disclosure via AES-CCM Encryption
An attacker can bypass access restrictions to data via AES-CCM Encryption of PHP, in order to obtain sensitive information...
CERTFR-2020-AVI-615, CVE-2020-7069, FEDORA-2020-4fe6b116e5, FEDORA-2020-94763cb98b, openSUSE-SU-2020:1703-1, openSUSE-SU-2020:1767-1, SUSE-SU-2020:2896-1, SUSE-SU-2020:2941-1, SUSE-SU-2020:2943-1, SUSE-SU-2020:2997-1, USN-4583-1, USN-4583-2, VIGILANCE-VUL-33466
PHP: use after free via phar_parse_zipfile
An attacker can force the usage of a freed memory area via phar_parse_zipfile() of PHP, in order to trigger a denial of service, and possibly to run code...
79797, CERTFR-2020-AVI-488, CVE-2020-7068, DLA-2345-1, FEDORA-2020-8e36afc743, FEDORA-2020-96124cc236, openSUSE-SU-2020:1354-1, openSUSE-SU-2020:1356-1, SUSE-SU-2020:2403-1, SUSE-SU-2020:2404-1, SUSE-SU-2020:2405-1, SUSE-SU-2020:2455-1, SUSE-SU-2020:2456-1, SUSE-SU-2020:2477-1, VIGILANCE-VUL-33030
curl: information disclosure via HTTP Redirect DNS Password
An attacker can bypass access restrictions to data via HTTP Redirect DNS Password of curl, in order to obtain sensitive information...
CERTFR-2020-AVI-423, CVE-2020-8169, FEDORA-2020-55f1f7cb13, FEDORA-2020-6af1dd2936, FEDORA-2020-ad05132742, openSUSE-SU-2020:0883-1, SSA:2020-176-01, SUSE-SU-2020:1733-1, USN-4402-1, VIGILANCE-VUL-32617
PHP: memory leak
An attacker can create a memory leak of PHP, in order to trigger a denial of service...
6253313, 78875, 78876, bulletinjul2020, CERTFR-2020-AVI-292, CERTFR-2020-AVI-371, cpuoct2020, CVE-2019-11048, DLA-2261-1, DSA-4717-1, DSA-4719-1, FEDORA-2020-3ea2253402, FEDORA-2020-8838d072d5, FEDORA-2020-9fa7f4e25c, openSUSE-SU-2020:0847-1, RHSA-2020:3662-01, RHSA-2020:5275-01, SUSE-SU-2020:1661-1, SUSE-SU-2020:1661-2, SUSE-SU-2020:1714-1, USN-4375-1, VIGILANCE-VUL-32274
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
6250489, 79330, 79465, CERTFR-2020-AVI-228, cpuoct2020, CVE-2020-7067, DLA-2188-1, DSA-4717-1, DSA-4719-1, FEDORA-2020-62ee541bbb, FEDORA-2020-96cb012029, VIGILANCE-VUL-32047
PHP: memory corruption via env_path_info
An attacker can trigger a memory corruption via env_path_info() of PHP, in order to trigger a denial of service, and possibly to run code...
1172398, CERTFR-2019-AVI-534, CVE-2019-11043, DLA-1970-1, DSA-4552-1, DSA-4553-1, FEDORA-2019-187ae3128d, FEDORA-2019-4adc49a476, FEDORA-2019-7bb07c3b02, openSUSE-SU-2019:2441-1, openSUSE-SU-2019:2457-1, RHSA-2019:3286-01, RHSA-2019:3287-01, RHSA-2019:3299-01, RHSA-2019:3300-01, RHSA-2019:3724-01, RHSA-2019:3735-01, RHSA-2019:3736-01, RHSA-2020:0322-01, RHSA-2020:2835-01, SUSE-SU-2019:2809-1, SUSE-SU-2019:2819-1, SUSE-SU-2019:2909-1, SUSE-SU-2020:0522-1, Synology-SA-19:36, USN-4166-1, USN-4166-2, VIGILANCE-VUL-30713
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, bulletinapr2020, CERTFR-2020-AVI-107, CVE-2020-7061, CVE-2020-7062, CVE-2020-7063, DLA-2160-1, DSA-4717-1, DSA-4719-1, FEDORA-2020-32f9a2b308, FEDORA-2020-4ea970ebc6, openSUSE-SU-2020:0341-1, RHSA-2020:3662-01, RHSA-2020:5275-01, SUSE-SU-2020:0622-1, SUSE-SU-2020:0647-1, SUSE-SU-2020:0658-1, USN-4330-1, USN-4330-2, VIGILANCE-VUL-31652
PHP: infinite loop via php-fpm Non-blocking STDIN Stream
An attacker can trigger an infinite loop via php-fpm Non-blocking STDIN Stream of PHP, in order to trigger a denial of service...
CVE-2015-9253, USN-4279-1, USN-4279-2, VIGILANCE-VUL-31621
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, CERTFR-2020-AVI-054, cpujul2020, CVE-2020-7059, CVE-2020-7060, DLA-2124-1, DSA-4626-1, DSA-4628-1, openSUSE-SU-2020:0341-1, RHSA-2020:3662-01, RHSA-2020:5275-01, SUSE-SU-2020:0397-1, SUSE-SU-2020:0522-1, SUSE-SU-2020:0622-1, SUSE-SU-2020:14289-1, USN-4279-1, USN-4279-2, VIGILANCE-VUL-31420
Our database contains other pages. You can request a free trial to read them.

Display information about PHP: