Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializ…

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializ…

Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x befo…

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP …

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6…

Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c…

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x…

The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21,…

The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and …

Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before…

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x befo…

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and…

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializ…

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote…

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x …

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8…

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, …

The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.…

Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the …

The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5…

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxsp…

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) …

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, …

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before …

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5…

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in …

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames l…

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames l…

The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x…