Max CVSS | 5.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-7064 | 5.8 |
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead
|
29-08-2022 - 20:04 | 01-04-2020 - 04:15 | |
CVE-2020-7067 | 5.0 |
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers a
|
16-05-2022 - 19:57 | 27-04-2020 - 21:15 | |
CVE-2020-7066 | 4.3 |
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make in
|
08-05-2022 - 23:51 | 01-04-2020 - 04:15 | |
CVE-2020-7063 | 5.0 |
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on th
|
08-05-2022 - 23:50 | 27-02-2020 - 21:15 | |
CVE-2020-7062 | 4.3 |
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upl
|
01-01-2022 - 19:30 | 27-02-2020 - 21:15 | |
CVE-2019-11048 | 5.0 |
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit a
|
22-07-2021 - 18:15 | 20-05-2020 - 08:15 |