PHP is a popular open source general-purpose scripting language. It capable for web development and can be embedded into HTML. Perhaps a fundamental weakness of PHP and therefore we seen common problem especially SQL Injection and Trusting user input to execute code happens in frequent.
Below details are the php vulnerabilities found on Aug 2018.
(CVE-2018-14883) An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c
(CVE-2018-14851) Allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
(CVE-2018-14884) Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
Reference: Vulnerability found on Jul 2018