|
267861
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error.
|
CWE-415
Double Free
|
CVE-2015-8880
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267862
|
7.5 |
HIGH
Network
|
php
|
php
|
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application cra…
|
CWE-20
Improper Input Validation
|
CVE-2015-8879
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267863
|
5.9 |
MEDIUM
Network
|
php
|
php
|
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory c…
|
CWE-119
CWE-362
Incorrect Access of Indexable Resource ('Range Error')
Race Condition
|
CVE-2015-8878
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267864
|
7.5 |
HIGH
Network
|
libgd
php
|
libgd
php
|
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows …
|
CWE-399
Resource Management Errors
|
CVE-2015-8877
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267865
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL…
|
NVD-CWE-Other
|
CVE-2015-8876
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267866
|
7.5 |
HIGH
Network
|
php
canonical
|
php
ubuntu_linux
|
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, w…
|
CWE-310
Cryptographic Issues
|
CVE-2015-8867
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267867
|
6.1 |
MEDIUM
Network
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8834
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267868
|
9.6 |
CRITICAL
Network
|
php
canonical
suse
opensuse
|
php
ubuntu_linux
linux_enterprise_software_development_kit
linux_enterprise_module_for_web_scripting
leap
opensuse
|
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote att…
|
CWE-611
XXE
|
CVE-2015-8866
|
2024-11-21 11:39 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267869
|
7.3 |
HIGH
Local
|
php
apple
|
php
mac_os_x
|
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, whi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8865
|
2024-11-21 11:39 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267870
|
7.5 |
HIGH
Network
|
opensuse
php
|
leap
php
|
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8874
|
2024-11-21 11:39 |
2016-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
