Filtered by vendor Php
Subscribe
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-8865 | 2 Apple, Php | 2 Mac Os X, Php | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. | |||||
CVE-2015-8838 | 1 Php | 1 Php | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152. | |||||
CVE-2015-8835 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c. | |||||
CVE-2015-8617 | 1 Php | 1 Php | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling. | |||||
CVE-2015-8616 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships between a key buffer and a destroyed array. | |||||
CVE-2015-8394 | 2 Pcre, Php | 2 Perl Compatible Regular Expression Library, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8393 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client. | |||||
CVE-2015-8391 | 5 Fedoraproject, Oracle, Pcre and 2 more | 10 Fedora, Linux, Pcre and 7 more | 2024-11-21 | 9.0 HIGH | 9.8 CRITICAL |
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8390 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8389 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8387 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8386 | 4 Fedoraproject, Oracle, Pcre and 1 more | 4 Fedora, Linux, Perl Compatible Regular Expression Library and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-8383 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2015-7804 | 2 Apple, Php | 2 Mac Os X, Php | 2024-11-21 | 6.8 MEDIUM | N/A |
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive. | |||||
CVE-2015-7803 | 2 Apple, Php | 2 Mac Os X, Php | 2024-11-21 | 6.8 MEDIUM | N/A |
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist. | |||||
CVE-2015-7774 | 2 Pc-egg, Php | 2 Pwebmanager, Php | 2024-11-21 | 6.5 MEDIUM | N/A |
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role. | |||||
CVE-2015-6838 | 2 Php, Xmlsoft | 2 Php, Libxml2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837. | |||||
CVE-2015-6837 | 2 Php, Xmlsoft | 2 Php, Libxml2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838. | |||||
CVE-2015-6836 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function. | |||||
CVE-2015-6835 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content. |