Public PHP bug reports.

Team Bounty Title
PHP $500 PHP yaml_parse/yaml_parse_file/yaml_parse_url Unsafe Deserialization
PHP $1,500 PHP yaml_parse/yaml_parse_file/yaml_parse_url Double Free
PHP $500 str_repeat() sign mismatch based memory corruption
PHP $500 php_stream_url_wrap_http_ex() type-confusion vulnerability
PHP $500 Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER
PHP $500 Type Confusion Vulnerability in SoapClient
PHP $1,500 Use after free vulnerability in unserialize() with DateInterval
PHP $1,500 Integer overflow in ftp_genlist() resulting in heap overflow
PHP $1,500 ZIP Integer Overflow leads to writing past heap boundary
PHP $1,000 Buffer Over-read in unserialize when parsing Phar
PHP $1,000 Buffer Over flow when parsing tar/zip/phar in phar_set_inode
PHP $1,500 Use After Free Vulnerability in unserialize()
PHP $500 out of bounds read crashes php-cgi
PHP $3,000 Use after free vulnerability in unserialize()
PHP $2,500 SoapClient's __call() type confusion through unserialize()
PHP $2,500 Use after free vulnerability in unserialize() with DateTimeZone
PHP $2,500 Free called on unitialized pointer in exif.c
PHP $2,500 Locale::parseLocale Double Free
PHP $2,500 SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities
PHP $1,500 PHP Heap Overflow Vulnerability in imagecrop()
PHP $4,000 PHP openssl_x509_parse() Memory Corruption Vulnerability