Known Vulnerabilities for products from Php
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Php".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-7568 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() functi... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-7263 json | In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, cau... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-7262 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-7261 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when SoapServer is con... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-7259 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between enc... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-7258 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, includ... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-6735 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-6722 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's o... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2026-6104 json | In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed t... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2025-14179 json | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the PDO Firebird drive... | Not Provided | 2026-05-10 | 2026-05-12 |
| CVE-2023-3824 json | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR... | 9.8 - CRITICAL | 2023-08-11 | 2023-10-27 |
| CVE-2023-3823 json | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global ... | 7.5 - HIGH | 2023-08-11 | 2023-10-27 |
| CVE-2023-3247 json | In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, rand... | 4.3 - MEDIUM | 2023-07-22 | 2023-08-01 |
| CVE-2023-0662 json | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cau... | 7.5 - HIGH | 2023-02-16 | 2023-05-17 |
| CVE-2023-0568 json | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byt... | 8.1 - HIGH | 2023-02-16 | 2023-05-17 |
| CVE-2023-0567 json | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Bl... | 6.2 - MEDIUM | 2023-03-01 | 2023-11-07 |
| CVE-2022-37454 json | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allo... | 9.8 - CRITICAL | 2022-10-21 | 2023-05-03 |
| CVE-2022-31630 json | In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont() function in gd extension, it is possible to su... | 7.1 - HIGH | 2022-11-14 | 2024-04-02 |
| CVE-2022-31629 json | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard... | 6.5 - MEDIUM | 2022-09-28 | 2023-11-07 |
| CVE-2022-31628 json | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files... | 5.5 - MEDIUM | 2022-09-28 | 2023-11-07 |
Known software with vulnerabilities from Php
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Php | Animated Smiley Generator | - |
| Application | Php | Archive Tar | 1.3.11 |
| Application | Php | Ar Memberscript | - |
| Application | Php | Blog Cms | - |
| Application | Php | Bloq | - |
| Application | Php | Comoblog | - |
| Application | Php | Com Extensions | - |
| Application | Php | Cvs | - |
| Application | Php | Directory Listing Script | - |
| Application | Php | Dirlist | - |
| Application | Php | Easymoblog | - |
| Application | Php | Errordocs | - |
| Application | Php | Ext-http | - |
| Application | Php | F1 Maxs File Uploader | - |
| Application | Php | Go-pear.php | - |
| Application | Php | Imagick | 3.3.0 |
| Application | Php | Mysql Banner Exchange | - |
| Application | Php | Mysql Extension | - |
| Application | Php | Pear | - |
| Application | Php | Pear Archive Tar | 0.10 |