Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
CVE-2023-3823Critical

Cross-Site Request Forgery

XML External Entity vector

2023-08-11

7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.33
8.0.0 - 8.0.29
8.1.0 - 8.1.21
8.2.0 - 8.2.8
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendServer 2019.1.4
ZendServer 2021.3.2
CVE-2023-3247Moderate

Information Disclosure

Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

2023-06-08

7.2.0-7.2.34
7.3.0-7.3.33
7.4.0-7.4.33
8.0.0-8.0.28
8.1.0-8.1.19
8.2.0-8.2.6
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendServer 2019.1.4
ZendServer 2021.3.2
CVE-2023-0662Critical

Cross-Site Request Forgery

DOS vulnerability when parsing multipart request body

2023-02-14

7.1.0-7.1.33
7.2.0-7.2.34
7.3.0-7.3.33
7.4.0-7.4.33
8.0.0-8.0.27
8.1.0-8.1.15
8.2.0-8.2.2
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
ZendServer 9.1.16
ZendServer 2019.1.3
ZendServer 2021.3.1
CVE-2022-31631Low

SQL Injection

CVE-2022-31631 php: PDO::quote() may return unquoted string due to an integer overflow

2023-01-05

7.0.0 - 7.4.33
8.0.0 - 8.0.26
8.1.0 - 8.1.13
8.2.0
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendPHP 8.2
CVE-2022-31630Critical

Cross-Site Request Forgery

CVE-2022-31630 php: OOB read due to insufficient input validation in imageloadfont()

2022-10-27

7.4.0 - 7.4.32
8.0.0 - 8.0.24
8.1.0 - 8.1.11
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 2021.3.0
CVE-2022-31628Moderate

Remote Code Execution

CVE-2022-31628 php: phar wrapper can produce a denial of service when using quine gzip file

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.1.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31629Critical

XML Entity Expansion

CVE-2022-31629 php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications

2022-09-29

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.30
8.0.0 - 8.0.23
8.1.0 - 8.1.10
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.20
ZendServer 9.1.15
ZendServer 2019.1.2
ZendServer 2021.3.0
CVE-2022-31627Critical

Cross-Site Request Forgery

CVE-2022-31627 php: heap buffer overflow in finfo_buffer

2022-07-08

8.1.0 - 8.1.7
ZendPHP 8.1
CVE-2022-31625High

Remote Code Execution

CVE-2022-31625 php: uninitialized array in pg_query_params() leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
CVE-2022-31626High

Remote Code Execution

CVE-2022-31626 php: password of excessive length triggers buffer overflow leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 8.5.19
ZendServer 9.1.14
ZendServer 2019.1.1
ZendServer 2021.2.0
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected