Skip to main content
CVE-2015-8617 CRITICAL POC THREAT Emergency

Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 21.9%.

RCE PHP
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
21.9%
Threat
4.1
CVE-2016-1903 CRITICAL POC Act Now

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Buffer Overflow
NVD
CVSS 3.0
9.1
EPSS
8.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy