Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server Eus
Total 625 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4603 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4602 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4601 2 Php, Redhat 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
CVE-2015-4600 2 Php, Redhat 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.
CVE-2015-4599 2 Php, Redhat 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
CVE-2015-4598 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 7.5 HIGH 6.5 MEDIUM
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
CVE-2015-4170 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux Compute Node Eus, Enterprise Linux For Ibm Z Systems Eus and 3 more 2024-11-21 4.7 MEDIUM 4.7 MEDIUM
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.
CVE-2015-4148 3 Apple, Php, Redhat 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more 2024-11-21 5.0 MEDIUM N/A
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
CVE-2015-4147 3 Apple, Php, Redhat 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more 2024-11-21 7.5 HIGH N/A
The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.
CVE-2015-4026 3 Apple, Php, Redhat 9 Mac Os X, Php, Enterprise Linux and 6 more 2024-11-21 7.5 HIGH N/A
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
CVE-2015-4025 3 Apple, Php, Redhat 9 Mac Os X, Php, Enterprise Linux and 6 more 2024-11-21 7.5 HIGH N/A
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.
CVE-2015-4024 5 Apple, Hp, Oracle and 2 more 12 Mac Os X, System Management Homepage, Linux and 9 more 2024-11-21 5.0 MEDIUM N/A
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVE-2015-4022 3 Apple, Php, Redhat 9 Mac Os X, Php, Enterprise Linux and 6 more 2024-11-21 7.5 HIGH N/A
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
CVE-2015-4021 3 Apple, Php, Redhat 9 Mac Os X, Php, Enterprise Linux and 6 more 2024-11-21 5.0 MEDIUM N/A
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
CVE-2015-3412 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
CVE-2015-3411 2 Php, Redhat 8 Php, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
CVE-2015-3330 4 Apple, Oracle, Php and 1 more 11 Mac Os X, Linux, Solaris and 8 more 2024-11-21 6.8 MEDIUM N/A
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
CVE-2015-3329 4 Apple, Oracle, Php and 1 more 11 Mac Os X, Linux, Solaris and 8 more 2024-11-21 7.5 HIGH N/A
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
CVE-2015-3315 1 Redhat 7 Automatic Bug Reporting Tool, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more 2024-11-21 7.2 HIGH 7.8 HIGH
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.
CVE-2015-3307 3 Apple, Php, Redhat 9 Mac Os X, Php, Enterprise Linux and 6 more 2024-11-21 7.5 HIGH N/A
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.