Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
CVE-2022-31631Low

SQL Injection

CVE-2022-31631 php: PDO::quote() may return unquoted string due to an integer overflow

2023-01-05

7.0.0 - 7.4.33
8.0.0 - 8.0.26
8.1.0 - 8.1.13
8.2.0
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
CVE-2022-31630Moderate

Information Disclosure

CVE-2022-31630 php: OOB read due to insufficient input validation in imageloadfont()

2022-10-27

7.4.0 - 7.4.32
8.0.0 - 8.0.24
8.1.0 - 8.1.11
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 2021.3.0
CVE-2022-31628Moderate

Denial of Service

CVE-2022-31628 php: phar wrapper can produce a denial of service when using quine gzip file

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.1.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31629Moderate

Cross-Site Request Forgery

CVE-2022-31629 php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31627Critical

Information Disclosure

CVE-2022-31627 php: heap buffer overflow in finfo_buffer

2022-07-08

8.1.0 - 8.1.7
ZendPHP 8.1
CVE-2022-31625High

Remote Code Execution

CVE-2022-31625 php: uninitialized array in pg_query_params() leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
CVE-2022-31626High

Remote Code Execution

CVE-2022-31626 php: password of excessive length triggers buffer overflow leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
CVE-2021-21708Moderate

Denial of Service

CVE-2021-21708 php: Use after free due to php_filter_float() failing

2022-02-17

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.27
8.0.0 - 8.0.15
8.1.0 - 8.1.2
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 9.1.13
ZendServer 2019.1.0
ZendServer 2021.1.2
CVE-2021-21707High

Information Disclosure

CVE-2021-21707 php: special character breaks path in xml parsing

2021-11-15

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.25
8.0.0 - 8.0.12
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 2021.1.1
CVE-2021-21703Critical

Privilege Escalation

CVE-2021-21703 php: Local privilege escalation via PHP-FPM

2021-10-20

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.31
7.4.0 - 7.4.24
8.0.0 - 8.0.11
ZendServer 8.5.18
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected