Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
CVE-2021-21707High

Information Disclosure

CVE-2021-21707 php: special character breaks path in xml parsing

2021-11-15

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.25
8.0.0 - 8.0.12
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 2021.1.1
CVE-2021-21703Critical

Privilege Escalation

CVE-2021-21703 php: Local privilege escalation via PHP-FPM

2021-10-20

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.31
7.4.0 - 7.4.24
8.0.0 - 8.0.11
ZendServer 8.5.18
CVE-2021-21702Moderate

Denial of Service

CVE-2021-21702 php: NULL pointer dereference in SoapClient

2021-01-26

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.26
7.4.0 - 7.4.14
8.0.0 - 8.0.1
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 8.5.17
ZendServer 9.1.12
ZendServer 2019.0.7
CVE-2020-7071Moderate

Remote File Inclusion

CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

2021-01-03

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.25
7.4.0 - 7.4.13
8.0.0
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 8.5.16
ZendServer 9.1.11
ZendServer 2019.0.6
CVE-2020-7068Low

Information Disclosure

CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function

2020-08-06

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.32
7.3.0 - 7.3.20
7.4.0 - 7.4.8
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7067Low

Information Disclosure

out-of-bounds read when using a malformed url-encoded string

2020-04-10

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.29
7.3.0 - 7.3.16
7.4.0 - 7.4.4
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7064Low

Information Disclosure

information disclosure in exif_read_data() function

2020-04-01

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7065High

Remote Code Execution

by using mb_strtolower() function with UTF-32LE encoding leads to potential code execution

2020-04-01

7.3.0 - 7.3.15
7.4.0 - 7.4.3
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7066Low

Information Disclosure

information disclosure in function get_headers

2020-04-01

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.3 - 7.1.33
7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7062Moderate

Denial of Service

NULL pointer dereference in PHP session upload progress

2020-02-04

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.27
7.3.0 - 7.3.14
7.4.0 - 7.4.2
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.4
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected