Filter By Severity
    CVESeverity     Type TypeSubjectDate DateAffected Versions Affected VersionsFixed Products
    CVE-2024-9026Low

    Information Disclosure

    php: PHP-FPM Log Manipulation Vulnerability

    2024-10-08

    		7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.30
    8.2.0-8.2.24
    8.3.0-8.3.12
    		ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    CVE-2024-8925Moderate

    Cross-Site Request Forgery

    php: Erroneous parsing of multipart form data

    2024-10-07

    		7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.30
    8.2.0-8.2.24
    8.3.0-8.3.12
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    CVE-2024-8926High

    Remote Code Execution

    php: PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

    2024-10-07

    		5.6.0-7.1.33
    7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.30
    8.2.0-8.2.24
    8.3.0-8.3.12
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    CVE-2024-8927High

    Remote Code Execution

    php: cgi.force_redirect configuration is bypassable due to the environment variable collision

    2024-10-07

    		7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.30
    8.2.0-8.2.24
    8.3.0-8.3.12
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    CVE-2024-2408Moderate

    Information Disclosure

    php: potential exposure to Marvin attack via unsafe implementation of RSA decryption API

    2024-06-07

    		5.6.0-7.1.33
    7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.28
    8.2.0-8.2.19
    8.3.0-8.3.7
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2021.3.5
    CVE-2024-4577Critical

    Remote Code Execution

    php: Argument Injection in PHP-CGI

    2024-06-07

    		5.6.0-7.1.33
    7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.28
    8.2.0-8.2.19
    8.3.0-8.3.7
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2021.3.5
    CVE-2024-5458Moderate

    Information Disclosure

    php: Filter bypass in filter_var FILTER_VALIDATE_URL

    2024-06-07

    		7.2.0-7.2.34
    7.3.0-7.3.33
    7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.28
    8.2.0-8.2.19
    8.3.0-8.3.7
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2021.3.5
    CVE-2024-5585Low

    Cross-Site Request Forgery

    php: Arguments execute arbitrary commands in Windows shell

    2024-06-07

    		7.4.0-7.4.33
    8.0.0-8.0.30
    8.1.0-8.1.28
    8.2.0-8.2.19
    8.3.0-8.3.7
    		ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2021.3.5
    CVE-2024-2961High

    Remote Code Execution

    iconv Buffer Overflow in Specific Character Set Conversions

    2024-04-24

    		5.6.0-8.3.6
    		ZendPHP 7.2
    ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2019.1
    ZendServer 2021.3
    CVE-2024-2756Low

    Cross-Site Request Forgery

    Host/Secure cookie bypass due to partial CVE-2022-31629 -5955')) ORDER BY 1-- seus

    2024-04-12

    		7.4.0 - 7.4.33
    8.0.0 - 8.0.30
    8.1.0 - 8.1.27
    8.2.0 - 8.2.17
    8.3.0 - 8.3.5
    		ZendPHP 7.3
    ZendPHP 7.4
    ZendPHP 8.0
    ZendPHP 8.1
    ZendPHP 8.2
    ZendPHP 8.3
    ZendServer 2019.1.6
    ZendServer 2021.3.4
    Page
    Sort by severity
    Sort by type
    Sort by date
    Sort by php versions affected