PHP 8.0

Argument Injection in PHP-CGI

php: Overflowing the length of string causes crash

php: Integer overflow in mysqli_api.c:mysqli_real_escape_string()

XKCP: buffer overflow in the SHA-3 reference implementation

Buffer overflow and overread in phar_dir_read()

PDO::quote() may return unquoted string

Security issue with external entity loading in XML without enabling it

UAF due to php_filter_float() failing

Freeing unallocated memory in php_pgsql_free_params()

PHP-FPM memory access in root process leading to privilege escalation

password_verify() always returns true for some invalid hashes

php: Out of bounds access in php_pcre.c:php_pcre_replace_impl()

mysqlnd/pdo password buffer overflow

Array overrun in common path resolve code

DoS vulnerability when parsing multipart request body

$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

OOB read due to insufficient input validation in imageloadfont()

Potential buffer overflow in php_cli_server_startup_workers

Filter bypass in filter_var (FILTER_VALIDATE_URL)

FILTER_VALIDATE_URL accepts URLs with invalid userinfo

Null Dereference in SoapClient

ZipArchive::extractTo may extract outside of destination dir

Special characters break path parsing in XML functions

Multiple vulnerabilities in Firebird client extension

Incorrect URL validation in FILTER_VALIDATE_URL

Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

phar wrapper can occur dos when using quine gzip file