Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-4698 | 4.6 |
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applicatio
|
19-01-2023 - 16:35 | 10-07-2014 - 11:06 | |
CVE-2014-4721 | 2.6 |
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent
|
19-01-2023 - 16:14 | 06-07-2014 - 23:55 | |
CVE-2014-3515 | 7.5 |
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that
|
09-11-2022 - 03:05 | 09-07-2014 - 11:07 | |
CVE-2014-3479 | 4.3 |
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (appli
|
28-10-2022 - 23:26 | 09-07-2014 - 11:07 | |
CVE-2014-3480 | 4.3 |
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (appli
|
28-10-2022 - 23:25 | 09-07-2014 - 11:07 | |
CVE-2014-3487 | 4.3 |
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (applicati
|
28-10-2022 - 23:21 | 09-07-2014 - 11:07 | |
CVE-2014-0207 | 4.3 |
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a craft
|
28-09-2022 - 20:39 | 09-07-2014 - 11:07 | |
CVE-2014-4670 | 4.6 |
Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications i
|
07-01-2017 - 03:00 | 10-07-2014 - 11:06 | |
CVE-2014-3478 | 5.0 |
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal
|
28-11-2016 - 19:11 | 09-07-2014 - 11:07 |