Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected Versions
CVE-2020-7071Moderate

Cross-Site Request Forgery

CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

2021-01-03

5.6
7.0
7.1
7.2
7.3.0 - 7.3.25
7.4.0 - 7.4.13
8.0.0
CVE-2020-7068Low

Information Disclosure

CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function

2020-08-06

7.2.0 - 7.2.32
7.3.0 - 7.3.20
7.4.0 - 7.4.8
CVE-2020-7070Low

Cross-Site Request Forgery

CVE-2020-7070 php: PHP parses encoded cookie names so malicious `__Host-` cookies can be sent

2020-06-14

7.2.0 - 7.2.33
7.3.0 - 7.3.22
7.4.0 - 7.4.10
CVE-2020-7067Low

Information Disclosure

out-of-bounds read when using a malformed url-encoded string

2020-04-10

7.2.0 - 7.2.29
7.3.0 - 7.3.16
7.4.0 - 7.4.4
CVE-2020-7064Moderate

Information Disclosure

information disclosure in exif_read_data() function

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7065Moderate

Remote Code Execution

by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution

2020-04-01

7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7066Low

Remote File Inclusion

information disclosure in function get_headers

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7062Moderate

Denial of Service

NULL pointer dereference in PHP session upload progress

2020-02-04

7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
CVE-2020-7061Low

Information Disclosure

heap-based buffer overflow in phar_extract_file

2020-01-26

7.3.0 - 7.3.14
7.4.0 - 7.4.2
CVE-2020-7059Moderate

Information Disclosure

Out of bounds read in php_strip_tags_ex

2020-01-23

7.2.0 - 7.2.26
7.3.0 - 7.2.13
7.4.0 - 7.4.1
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected