ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
Max Base Score | 7.5 |
Published | 2018-12-07 |
Updated | 2022-08-29 |
EPSS | 2.34% |
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
Max Base Score | 7.5 |
Published | 2018-11-20 |
Updated | 2019-10-03 |
EPSS | 0.17% |
ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
Max Base Score | 7.5 |
Published | 2018-11-20 |
Updated | 2018-12-27 |
EPSS | 0.22% |
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
Max Base Score | 5.5 |
Published | 2018-08-02 |
Updated | 2019-08-19 |
EPSS | 0.56% |
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
Max Base Score | 7.5 |
Published | 2018-04-29 |
Updated | 2019-08-19 |
EPSS | 93.80% |
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
Max Base Score | 9.8 |
Published | 2018-08-02 |
Updated | 2022-07-20 |
EPSS | 0.85% |
6 vulnerabilities found