Skip to content

Latest commit

 

History

History
241 lines (237 loc) · 29.7 KB

TOPPHP(IBB).md

File metadata and controls

241 lines (237 loc) · 29.7 KB

Back

Top reports from PHP (IBB) program at HackerOne:

  1. In correct casting from size_t to int lead to heap overflow in mcrypt_generic to PHP (IBB) - 81 upvotes, $1000
  2. Type Confusion Vulnerability - SOAP / make_http_soap_request() to PHP (IBB) - 64 upvotes, $1000
  3. GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability] to PHP (IBB) - 63 upvotes, $1500
  4. Inappropriate URL parsing may cause security risk! to PHP (IBB) - 51 upvotes, $1000
  5. Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412) to PHP (IBB) - 50 upvotes, $1000
  6. Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c to PHP (IBB) - 42 upvotes, $500
  7. PHP mbstring / Oniguruma multiple remote heap/stack corruptions to PHP (IBB) - 35 upvotes, $1500
  8. select_colors write out-of-bounds to PHP (IBB) - 23 upvotes, $1000
  9. PHP Session Data Injection Vulnerability to PHP (IBB) - 16 upvotes, $1000
  10. php curl ext size_t overflow lead to heap corruption to PHP (IBB) - 14 upvotes, $1000
  11. Use-After-Free / Double-Free in WDDX Deserialize to PHP (IBB) - 14 upvotes, $500
  12. wddx_deserialize use-after-free to PHP (IBB) - 14 upvotes, $500
  13. heap-buffer-overflow (READ of size 48) in exif_read_data() to PHP (IBB) - 13 upvotes, $500
  14. CVE-2018-12882: heap-use-after-free in PHP 7.2 through 7.2.6, possible 7.2.7 to PHP (IBB) - 13 upvotes, $500
  15. php mcrypt ext - In correct casting from size_t to int lead to heap overflow in mdecrypt_generic to PHP (IBB) - 12 upvotes, $1000
  16. Memory corruption when parsing a hostile PHAR archive to PHP (IBB) - 12 upvotes, $500
  17. Use After Free Vulnerability in PHP's GC algorithm and unserialize to PHP (IBB) - 11 upvotes, $1000
  18. ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize to PHP (IBB) - 11 upvotes, $1000
  19. Heap Buffer Overflow (READ: 1786) in exif_iif_add_value to PHP (IBB) - 11 upvotes, $500
  20. Heap Use After Free Read in unserialize() to PHP (IBB) - 11 upvotes, $500
  21. Improper handling of Chunked data request in sapi_apache2.c leads to Reflected XSS to PHP (IBB) - 10 upvotes, $500
  22. PHP openssl_x509_parse() Memory Corruption Vulnerability to PHP (IBB) - 7 upvotes, $4000
  23. Use After Free Vulnerability in SNMP with GC and unserialize() to PHP (IBB) - 7 upvotes, $1000
  24. Heap Use After Free in unserialize() to PHP (IBB) - 7 upvotes, $500
  25. Out of Bounds Memory Read in unserialize() to PHP (IBB) - 7 upvotes, $500
  26. Out-of-Bound Read in phar_parse_zipfile() to PHP (IBB) - 7 upvotes, $500
  27. Illegal write/read access caused by gdImageAALine overflow to PHP (IBB) - 7 upvotes, $500
  28. memory corruption in wordwrap function to PHP (IBB) - 7 upvotes, $500
  29. integer overflow in imap_binary caused heap corruption to PHP (IBB) - 7 upvotes, $500
  30. heap overflow in substr_replace to PHP (IBB) - 7 upvotes, $500
  31. Out of bound read in exif_process_IFD_in_MAKERNOTE to PHP (IBB) - 6 upvotes, $1000
  32. Out of bounds memory read in unserialize() to PHP (IBB) - 6 upvotes, $500
  33. linkinfo - openbasedir bypass on Windows PHP to PHP (IBB) - 6 upvotes, $500
  34. Integer Overflow in php_html_entities() to PHP (IBB) - 6 upvotes, $500
  35. Use-after-free in PHP7's unserialize() to PHP (IBB) - 6 upvotes, $500
  36. Inappropriately parsing HTTP response leads to PHP segment fault! to PHP (IBB) - 6 upvotes, $500
  37. Potential infinite loop in gdImageCreateFromGifCtx! to PHP (IBB) - 6 upvotes, $500
  38. integer overflow in fgetcsv caused heap corruption to PHP (IBB) - 6 upvotes, $500
  39. Type Confusion in WDDX Packet Deserialization to PHP (IBB) - 5 upvotes, $1000
  40. Integer Overflow in addcslashes()/addslashes() to PHP (IBB) - 5 upvotes, $500
  41. Integer Overflow in Length of String-typed ZVAL to PHP (IBB) - 5 upvotes, $500
  42. Integer Overflow/Heap Overflow in json_encode()/json_decode() to PHP (IBB) - 5 upvotes, $500
  43. Use After Free Vulnerability in array_walk()/array_walk_recursive() to PHP (IBB) - 5 upvotes, $500
  44. pass2_no_dither out-of-bounds access to PHP (IBB) - 5 upvotes, $500
  45. integer overflow in curl_escape caused heap corruption to PHP (IBB) - 5 upvotes, $500
  46. integer overflow in pg_escape_bytea caused heap corruption to PHP (IBB) - 5 upvotes, $500
  47. integer overflow in pg_escape_string caused heap corruption to PHP (IBB) - 5 upvotes, $500
  48. integer overflow in php_uuencode caused heap corruption to PHP (IBB) - 5 upvotes, $500
  49. Integer overflow lead to heap corruption in sql_regcase to PHP (IBB) - 5 upvotes, $500
  50. integer overflow in bzdecompress caused heap corruption to PHP (IBB) - 5 upvotes, $500
  51. PHP Heap Overflow Vulnerability in imagecrop() to PHP (IBB) - 4 upvotes, $1500
  52. Use After Free in unserialize() with Unexpected Session Deserialization to PHP (IBB) - 4 upvotes, $1000
  53. Create an Unexpected Object and Don't Invoke __wakeup() in During Deserialization to PHP (IBB) - 4 upvotes, $1000
  54. Use After Free in PHP7 unserialize() to PHP (IBB) - 4 upvotes, $1000
  55. Use-after-free in unserialize() to PHP (IBB) - 4 upvotes, $1000
  56. Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF to PHP (IBB) - 4 upvotes, $1000
  57. Type Confusion Vulnerability in SoapClient to PHP (IBB) - 4 upvotes, $500
  58. Invalid parameter in memcpy function trough openssl_pbkdf2 to PHP (IBB) - 4 upvotes, $500
  59. Heap overflow caused by type confusion vulnerability in merge_param() to PHP (IBB) - 4 upvotes, $500
  60. Use after free with assign by ref to overloaded objects to PHP (IBB) - 4 upvotes, $500
  61. Integer Overflow in php_raw_url_encode to PHP (IBB) - 4 upvotes, $500
  62. Multiple Heap Overflows in php_raw_url_encode/php_url_encode to PHP (IBB) - 4 upvotes, $500
  63. Integer Overflow in SplFileObject::fread to PHP (IBB) - 4 upvotes, $500
  64. Integer Overflow in nl2br() to PHP (IBB) - 4 upvotes, $500
  65. Use After Free/Double Free in Garbage Collection to PHP (IBB) - 4 upvotes, $500
  66. Use After Free Vulnerability in unserialize() to PHP (IBB) - 4 upvotes, $500
  67. Memory Corruption in During Deserialized-object Destruction to PHP (IBB) - 4 upvotes, $500
  68. NULL Pointer Dereference in WDDX Packet Deserialization with PDORow to PHP (IBB) - 4 upvotes, $500
  69. Use-after-free in ArrayObject Deserialization to PHP (IBB) - 4 upvotes, $500
  70. Use After Free in unserialize() to PHP (IBB) - 4 upvotes, $500
  71. Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization to PHP (IBB) - 4 upvotes, $500
  72. memory allocator fails to realloc small block to large one to PHP (IBB) - 4 upvotes, $500
  73. integer overflow in fgets cause heap corruption to PHP (IBB) - 4 upvotes, $500
  74. integer overflow in str_pad caused heap corruption to PHP (IBB) - 4 upvotes, $500
  75. integer overflow in php_ldap_do_escape caused heap corruption to PHP (IBB) - 4 upvotes, $500
  76. integer overflow in urlencode caused heap corruption to PHP (IBB) - 4 upvotes, $500
  77. integer overflow in quoted_printable_encode caused heap corruption to PHP (IBB) - 4 upvotes, $500
  78. integer overflow in base64_decode caused heap corruption to PHP (IBB) - 4 upvotes, $500
  79. Use after free vulnerability in unserialize() with DateTimeZone to PHP (IBB) - 3 upvotes, $2500
  80. Integer overflow in ZipArchive::getFrom* to PHP (IBB) - 3 upvotes, $1500
  81. Buffer overflow in HTTP url parsing functions to PHP (IBB) - 3 upvotes, $1000
  82. Buffer overflow in HTTP parse_hostinfo(), parse_userinfo() and parse_scheme() to PHP (IBB) - 3 upvotes, $1000
  83. Uninitialized pointer in phar_make_dirstream() to PHP (IBB) - 3 upvotes, $1000
  84. Heap corruption in tar/zip/phar parser to PHP (IBB) - 3 upvotes, $1000
  85. Use after free vulnerability in unserialize() with GMP to PHP (IBB) - 3 upvotes, $500
  86. Use of uninitialized memory in unserialize() to PHP (IBB) - 3 upvotes, $500
  87. Crash (DoS) when parsing a hostile TIFF to PHP (IBB) - 3 upvotes, $500
  88. Type Confusion in Object Deserialization to PHP (IBB) - 3 upvotes, $500
  89. crash in locale_compose() function to PHP (IBB) - 3 upvotes, $500
  90. integer overflow in preg_quote caused heap corruption to PHP (IBB) - 3 upvotes, $500
  91. Use After Free Vulnerability in unserialize() to PHP (IBB) - 2 upvotes, $1500
  92. Use after free vulnerability in unserialize() with DateInterval to PHP (IBB) - 2 upvotes, $1500
  93. Multiple Use After Free Vulnerabilites in unserialize() to PHP (IBB) - 2 upvotes, $1500
  94. Use After Free Vulnerability in unserialize() with SplDoublyLinkedList to PHP (IBB) - 2 upvotes, $1000
  95. Use After Free Vulnerability in unserialize() with SplObjectStorage to PHP (IBB) - 2 upvotes, $1000
  96. Use After Free Vulnerability in unserialize() to PHP (IBB) - 2 upvotes, $1000
  97. php_snmp_error() Format String Vulnerability to PHP (IBB) - 2 upvotes, $1000
  98. SEH buffer overflow msgfmt_format_message to PHP (IBB) - 2 upvotes, $1000
  99. imagegammacorrect allows arbitrary write access to PHP (IBB) - 2 upvotes, $1000
  100. Stack-based buffer overflow vulnerability in virtual_file_ex to PHP (IBB) - 2 upvotes, $1000
  101. Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER to PHP (IBB) - 2 upvotes, $500
  102. php_stream_url_wrap_http_ex() type-confusion vulnerability to PHP (IBB) - 2 upvotes, $500
  103. Use After Free Vulnerability in session deserializer to PHP (IBB) - 2 upvotes, $500
  104. zend_throw_or_error() format string vulnerability to PHP (IBB) - 2 upvotes, $500
  105. NULL Pointer Dereference in exif_process_user_comment to PHP (IBB) - 2 upvotes, $500
  106. imagefilltoborder stackoverflow on truecolor images to PHP (IBB) - 2 upvotes, $500
  107. Write out-of-bounds at number_format to PHP (IBB) - 2 upvotes, $500
  108. memcpy negative parameter _bc_new_num_ex to PHP (IBB) - 2 upvotes, $500
  109. Use After Free Vulnerability in WDDX Packet Deserialization to PHP (IBB) - 2 upvotes, $500
  110. Type Confusion Vulnerability in PHP_to_XMLRPC_worker() to PHP (IBB) - 2 upvotes, $500
  111. Session WDDX Packet Deserialization Type Confusion Vulnerability to PHP (IBB) - 2 upvotes, $500
  112. Out-of-bounds reads in zif_grapheme_stripos with negative offset to PHP (IBB) - 2 upvotes, $500
  113. imagecropauto out-of-bounds access to PHP (IBB) - 2 upvotes, $500
  114. wddx_deserialize null dereference in php_wddx_pop_element to PHP (IBB) - 2 upvotes, $500
  115. wddx_deserialize null dereference with invalid xml to PHP (IBB) - 2 upvotes, $500
  116. PHP INI Parsing Stack Buffer Overflow Vulnerability to PHP (IBB) - 2 upvotes, $500
  117. Out-Of-Bounds Read in timelib_meridian() to PHP (IBB) - 2 upvotes, $500
  118. PHP WDDX Deserialization Heap OOB Read in timelib_meridian() to PHP (IBB) - 2 upvotes, $500
  119. PHP OpenSSL zif_openssl_seal() heap overflow (wild memcpy) to PHP (IBB) - 2 upvotes, $500
  120. Integer overflow in wordwrap to PHP (IBB) - 2 upvotes, $500
  121. Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes to PHP (IBB) - 2 upvotes, $500
  122. imap_rfc822_parse_headers GS Violation to PHP (IBB) - 2 upvotes, $500
  123. wddx_deserialize allows illegal memory access to PHP (IBB) - 2 upvotes, $500
  124. crash in gzcompress and 3 other compress functions to PHP (IBB) - 2 upvotes, $500
  125. ldap_escape could produce string larger than 2Gb to PHP (IBB) - 2 upvotes, $500
  126. integer overflow in recode_string caused heap corruption to PHP (IBB) - 2 upvotes, $500
  127. heap-buffer-overflow (write) simplestring_addn simplestring.c to PHP (IBB) - 2 upvotes, $500
  128. Trivial age-old heap overflow in 32-bit PHP to PHP (IBB) - 2 upvotes, $500
  129. Heap BufferOver Flow in escapeshellargs and escapeshellcmd functions to PHP (IBB) - 2 upvotes, $500
  130. Arbitary Memory Read via gdImageRotateInterpolated Array Index Out of Bounds to PHP (IBB) - 2 upvotes, $500
  131. 3 heap corruptions in PHP to PHP (IBB) - 1 upvotes, $1500
  132. Stack Buffer Overflow in GD dynamicGetbuf to PHP (IBB) - 1 upvotes, $1500
  133. Inadequate error handling in bzread() to PHP (IBB) - 1 upvotes, $1500
  134. Negative size parameter (-1) in memcpy mbfl_strcut to PHP (IBB) - 1 upvotes, $1000
  135. Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128) to PHP (IBB) - 1 upvotes, $1000
  136. Stack-based buffer overflow vulnerability in php_stream_zip_opener to PHP (IBB) - 1 upvotes, $1000
  137. Heap Overflow Due To Integer Overflow to PHP (IBB) - 1 upvotes, $1000
  138. Invalid free in phar_extract_file() to PHP (IBB) - 1 upvotes, $1000
  139. Use-after-free vulnerability in SPL(SplObjectStorage, unserialize) to PHP (IBB) - 1 upvotes, $1000
  140. Use-after-free vulnerability in SPL(ArrayObject, unserialize) to PHP (IBB) - 1 upvotes, $1000
  141. openssl_seal() uninitialized memory usage to PHP (IBB) - 1 upvotes, $1000
  142. out of bounds read crashes php-cgi to PHP (IBB) - 1 upvotes, $500
  143. memcpy negative size parameter in php_resolve_path to PHP (IBB) - 1 upvotes, $500
  144. potential remote code execution with phar archive to PHP (IBB) - 1 upvotes, $500
  145. xml_parse_into_struct segmentation fault to PHP (IBB) - 1 upvotes, $500
  146. stack-buffer-overflow through "ResourceBundle" methods to PHP (IBB) - 1 upvotes, $500
  147. bcpowmod accepts negative scale and corrupts one definition to PHP (IBB) - 1 upvotes, $500
  148. get_icu_value_internal out-of-bounds read to PHP (IBB) - 1 upvotes, $500
  149. locale_accept_from_http out-of-bounds access to PHP (IBB) - 1 upvotes, $500
  150. Illegal write access through Locale methods to PHP (IBB) - 1 upvotes, $500
  151. CVE-2015-8874 Stack overflow with imagefilltoborder to PHP (IBB) - 1 upvotes, $500
  152. imagegif/output out-of-bounds access to PHP (IBB) - 1 upvotes, $500
  153. Integer underflow / arbitrary null write in fread/gzread to PHP (IBB) - 1 upvotes, $500
  154. Null pointer deref with ob_start with get_defined_vars to PHP (IBB) - 1 upvotes, $500
  155. Null pointer deref with ob_start with compact to PHP (IBB) - 1 upvotes, $500
  156. memory corruption while parsing HTTP response to PHP (IBB) - 1 upvotes, $500
  157. imagescale out-of-bounds read to PHP (IBB) - 1 upvotes, $500
  158. gdImageTrueColorToPaletteBody allows arbitrary write/read access to PHP (IBB) - 1 upvotes, $500
  159. wddx_deserialize null dereference to PHP (IBB) - 1 upvotes, $500
  160. NULL Pointer Dereference while unserialize php object to PHP (IBB) - 1 upvotes, $500
  161. Invalid read when wddx decodes empty boolean element to PHP (IBB) - 1 upvotes, $500
  162. NULL pointer dereference in SimpleXMLElement::asXML() to PHP (IBB) - 1 upvotes, $500
  163. crash in openssl_random_pseudo_bytes function to PHP (IBB) - 1 upvotes, $500
  164. missing NULL check in dom_document_save_html to PHP (IBB) - 1 upvotes, $500
  165. heap overflow in php_ereg_replace function to PHP (IBB) - 1 upvotes, $500
  166. crash in implode() function to PHP (IBB) - 1 upvotes, $500
  167. iconv() function missing string length check to PHP (IBB) - 1 upvotes, $500
  168. crash in bzcompress function to PHP (IBB) - 1 upvotes, $500
  169. crash in get_icu_value_internal function to PHP (IBB) - 1 upvotes, $500
  170. crash in locale_get_keywords() when keyword value in locale string too long to PHP (IBB) - 1 upvotes, $500
  171. another crash in locale_get_keywords function to PHP (IBB) - 1 upvotes, $500
  172. CachingIterator null dereference when convert to string to PHP (IBB) - 1 upvotes, $500
  173. Memory corruption in _php_math_number_format_ex() to PHP (IBB) - 1 upvotes, $500
  174. Heap overflow due to integer overflow in bzdecompress() function to PHP (IBB) - 1 upvotes, $500
  175. Memory corruption due to missing check size in _php_math_number_format_ex() to PHP (IBB) - 1 upvotes, $500
  176. Heap overflow due to integer overflow in pg_escape_string() function to PHP (IBB) - 1 upvotes, $500
  177. Heap overflow due to integer overflow in php_escape_html_entities_ex() function to PHP (IBB) - 1 upvotes, $500
  178. Invalid memory access in zend_strtod() function to PHP (IBB) - 1 upvotes, $500
  179. crash in simplestring_addn function to PHP (IBB) - 1 upvotes, $500
  180. Invalid memory access in spl_filesystem_dir_open function to PHP (IBB) - 1 upvotes, $500
  181. Invalid memory access in php_basename function to PHP (IBB) - 1 upvotes, $500
  182. Invalid memory access in spl_filesystem_info_set_filename function to PHP (IBB) - 1 upvotes, $500
  183. malloc negative size parameter to PHP (IBB) - 1 upvotes, $500
  184. php_snmp_parse_oid integer overflow in memory allocation to PHP (IBB) - 1 upvotes, $500
  185. gzuncompress does NOT check output string size which leads to an overflow to PHP (IBB) - 1 upvotes, $500
  186. gzdecode does NOT check output string size which leads to an overflow to PHP (IBB) - 1 upvotes, $500
  187. Missing type check when unserializing SplArray to PHP (IBB) - 1 upvotes, $500
  188. integer overflow in xml_utf8_encode to PHP (IBB) - 1 upvotes, $500
  189. Heap overflow in curl_escape to PHP (IBB) - 1 upvotes, $500
  190. Out of bound when verify signature of tar phar in phar_parse_tarfile to PHP (IBB) - 1 upvotes, $500
  191. Out of bound when verify signature of zip phar in phar_parse_zipfile to PHP (IBB) - 1 upvotes, $500
  192. Heap Overflow due to integer overflows to PHP (IBB) - 1 upvotes, $500
  193. Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow to PHP (IBB) - 1 upvotes, $500
  194. NULL Pointer Dereference at _gdScaleVert to PHP (IBB) - 1 upvotes, $500
  195. Integer Overflow in _gd2GetHeader() resulting in heap overflow to PHP (IBB) - 1 upvotes, $500
  196. Double Free Corruption in wddx.c (extension) to PHP (IBB) - 1 upvotes, $500
  197. _php_mb_regex_ereg_replace_exec - double free to PHP (IBB) - 1 upvotes, $500
  198. Multiple vulnerabilities related to PCRE functions (already fixed) to PHP (IBB) - 1 upvotes, $500
  199. An integer overflow bug in php_str_to_str_ex() led arbitrary code execution. to PHP (IBB) - 1 upvotes, $500
  200. PHP-FPM fpm_log.c memory leak and buffer overflow to PHP (IBB) - 1 upvotes, $500
  201. An integer overflow bug in php_implode() could lead heap overflow, make PHP to crash to PHP (IBB) - 1 upvotes, $500
  202. Null pointer deref (segfault) in stream_context_get_default to PHP (IBB) - 1 upvotes, $0
  203. Use after free vulnerability in unserialize() to PHP (IBB) - 0 upvotes, $3000
  204. SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities to PHP (IBB) - 0 upvotes, $2500
  205. Locale::parseLocale Double Free to PHP (IBB) - 0 upvotes, $2500
  206. Free called on unitialized pointer in exif.c to PHP (IBB) - 0 upvotes, $2500
  207. SoapClient's __call() type confusion through unserialize() to PHP (IBB) - 0 upvotes, $2500
  208. ZIP Integer Overflow leads to writing past heap boundary to PHP (IBB) - 0 upvotes, $1500
  209. Integer overflow in ftp_genlist() resulting in heap overflow to PHP (IBB) - 0 upvotes, $1500
  210. PHP yaml_parse/yaml_parse_file/yaml_parse_url Double Free to PHP (IBB) - 0 upvotes, $1500
  211. SOAP serialize_function_call() type confusion / RCE to PHP (IBB) - 0 upvotes, $1500
  212. Buffer Over flow when parsing tar/zip/phar in phar_set_inode to PHP (IBB) - 0 upvotes, $1000
  213. Buffer Over-read in unserialize when parsing Phar to PHP (IBB) - 0 upvotes, $1000
  214. Buffer over-read in exif_read_data with TIFF IFD tag to PHP (IBB) - 0 upvotes, $1000
  215. Uninitialized pointer in phar_make_dirstream to PHP (IBB) - 0 upvotes, $1000
  216. Dangling pointer in the unserialization of ArrayObject items to PHP (IBB) - 0 upvotes, $1000
  217. Arbitrary code execution in str_ireplace function to PHP (IBB) - 0 upvotes, $1000
  218. Format string vulnerability in zend_throw_or_error() to PHP (IBB) - 0 upvotes, $1000
  219. Use After Free in sortWithSortKeys() to PHP (IBB) - 0 upvotes, $1000
  220. str_repeat() sign mismatch based memory corruption to PHP (IBB) - 0 upvotes, $500
  221. PHP yaml_parse/yaml_parse_file/yaml_parse_url Unsafe Deserialization to PHP (IBB) - 0 upvotes, $500
  222. Null pointer dereference in phar_get_fp_offset() to PHP (IBB) - 0 upvotes, $500
  223. Mem out-of-bounds write (segfault) in ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER to PHP (IBB) - 0 upvotes, $500
  224. null pointer deref (segfault) in zend_eval_const_expr to PHP (IBB) - 0 upvotes, $500
  225. Null pointer deref (segfault) in spl_autoload via ob_start to PHP (IBB) - 0 upvotes, $500
  226. AddressSanitizer reports a global buffer overflow in mkgmtime() function to PHP (IBB) - 0 upvotes, $500
  227. Integer overflow in unserialize() (32-bits only) to PHP (IBB) - 0 upvotes, $500
  228. heap buffer overflow in enchant_broker_request_dict() to PHP (IBB) - 0 upvotes, $500
  229. curl_setopt_array() type confusion to PHP (IBB) - 0 upvotes, $500
  230. Files extracted from archive may be placed outside of destination directory to PHP (IBB) - 0 upvotes, $500
  231. invalid pointer free() in phar_tar_process_metadata() to PHP (IBB) - 0 upvotes, $500
  232. Memory Corruption in phar_parse_tarfile when entry filename starts with null to PHP (IBB) - 0 upvotes, $500
  233. Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow) to PHP (IBB) - 0 upvotes, $500
  234. Stack overflow when decompressing tar archives to PHP (IBB) - 0 upvotes, $500

Back