|
266731
|
7.8 |
HIGH
Local
|
gnome
|
gdk-pixbuf
|
Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attack…
|
CWE-189
Numeric Errors
|
CVE-2015-8875
|
2024-11-21 11:39 |
2016-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266732
|
7.5 |
HIGH
Network
|
fedoraproject
perl
|
fedora
perl
|
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 …
|
CWE-20
Improper Input Validation
|
CVE-2015-8853
|
2024-11-21 11:39 |
2016-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266733
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error.
|
CWE-415
Double Free
|
CVE-2015-8880
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266734
|
7.5 |
HIGH
Network
|
php
|
php
|
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application cra…
|
CWE-20
Improper Input Validation
|
CVE-2015-8879
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266735
|
5.9 |
MEDIUM
Network
|
php
|
php
|
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory c…
|
CWE-119
CWE-362
Incorrect Access of Indexable Resource ('Range Error')
Race Condition
|
CVE-2015-8878
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266736
|
7.5 |
HIGH
Network
|
libgd
php
|
libgd
php
|
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows …
|
CWE-399
Resource Management Errors
|
CVE-2015-8877
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266737
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL…
|
NVD-CWE-Other
|
CVE-2015-8876
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266738
|
7.5 |
HIGH
Network
|
php
canonical
|
php
ubuntu_linux
|
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, w…
|
CWE-310
Cryptographic Issues
|
CVE-2015-8867
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266739
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8834
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266740
|
9.6 |
CRITICAL
Network
|
php
canonical
suse
opensuse
|
php
ubuntu_linux
linux_enterprise_software_development_kit
linux_enterprise_module_for_web_scripting
leap
opensuse
|
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote att…
|
CWE-611
XXE
|
CVE-2015-8866
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
