Filter By Severity
CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
CVE-2022-31625High

Remote Code Execution

CVE-2022-31625 php: uninitialized array in pg_query_params() leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 2021.2.0
CVE-2022-31626High

Remote Code Execution

CVE-2022-31626 php: password of excessive length triggers buffer overflow leading to RCE

2022-05-16

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.33
7.4.0 - 7.4.29
8.0.0 - 8.0.19
8.1.0 - 8.1.6
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 2021.2.0
CVE-2021-21708Moderate

Denial of Service

CVE-2021-21708 php: Use after free due to php_filter_float() failing

2022-02-17

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.27
8.0.0 - 8.0.15
8.1.0 - 8.1.2
8.1.0 - 8.1.
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendPHP 8.1
ZendServer 9.1.13
ZendServer 2019.1.0
ZendServer 2021.1.2
CVE-2021-21707High

Information Disclosure

CVE-2021-21707 php: special character breaks path in xml parsing

2021-11-15

5.6.0 - 5.6.40
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.32
7.4.0 - 7.4.25
8.0.0 - 8.0.12
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 2021.1.1
CVE-2021-21703Critical

Privilege Escalation

CVE-2021-21703 php: Local privilege escalation via PHP-FPM

2021-10-20

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.31
7.4.0 - 7.4.24
8.0.0 - 8.0.11
ZendServer 8.5.18
CVE-2021-21702Moderate

Denial of Service

CVE-2021-21702 php: NULL pointer dereference in SoapClient

2021-01-26

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.26
7.4.0 - 7.4.14
8.0.0 - 8.0.1
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 8.5.17
ZendServer 9.1.12
ZendServer 2019.0.7
CVE-2020-7071Moderate

Remote File Inclusion

CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

2021-01-03

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.34
7.3.0 - 7.3.25
7.4.0 - 7.4.13
8.0.0
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendPHP 8.0
ZendServer 8.5.16
ZendServer 9.1.11
ZendServer 2019.0.6
CVE-2020-7068Low

Information Disclosure

CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function

2020-08-06

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.32
7.3.0 - 7.3.20
7.4.0 - 7.4.8
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7067Low

Information Disclosure

out-of-bounds read when using a malformed url-encoded string

2020-04-10

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.29
7.3.0 - 7.3.16
7.4.0 - 7.4.4
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
CVE-2020-7064Low

Information Disclosure

information disclosure in exif_read_data() function

2020-04-01

5.6.0 - 5.6.40
7.0.0 - 7.0.33
7.1.0 - 7.1.33
7.2.0 - 7.2.8
7.3.0 - 7.3.15
7.4.0 - 7.4.3
ZendPHP 5.6
ZendPHP 7.1
ZendPHP 7.2
ZendPHP 7.3
ZendPHP 7.4
ZendServer 2019.0.5
Page
Sort by severity
Sort by type
Sort by date
Sort by php versions affected