Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected Versions
CVE-2020-7067Low

Information Disclosure

out-of-bounds read when using a malformed url-encoded string

2020-04-10

7.2.0 - 7.2.29
7.3.0 - 7.3.16
7.4.0 - 7.4.4
CVE-2020-7064Moderate

Information Disclosure

information disclosure in exif_read_data() function

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7065Moderate

Remote Code Execution

by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution

2020-04-01

7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7066Low

Remote File Inclusion

information disclosure in function get_headers

2020-04-01

7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
CVE-2020-7062Moderate

Denial of Service

NULL pointer dereference in PHP session upload progress

2020-02-04

7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
CVE-2020-7061Low

Information Disclosure

heap-based buffer overflow in phar_extract_file

2020-01-26

7.3.0 - 7.3.14
7.4.0 - 7.4.2
CVE-2020-7059Moderate

Information Disclosure

Out of bounds read in php_strip_tags_ex

2020-01-23

7.2.0 - 7.2.26
7.3.0 - 7.2.13
7.4.0 - 7.4.1
CVE-2020-7060Moderate

Information Disclosure

Global buffer-overflow in mbfl_filt_conv_big5_wchar function

2020-01-23

7.2.0 - 7.2.26
7.3.0 - 7.3.13
7.4.0 - 7.4.1
CVE-2020-7063Moderate

Privilege Escalation

files added to tar with Phar::buildFromIterator have all-access permissions

2020-01-08

7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
CVE-2019-11045Moderate

Privilege Escalation

PHP DirectoryIterator class accepts filenames with embedded null byte and treats them as terminating at that byte

2019-12-22

7.2.0 - 7.2.25
7.3.0 - 7.3.12
7.4.0
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected