Skip to main content
CVE-2015-4605 HIGH POC This Week

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP Denial Of Service Enterprise Linux Desktop +6
NVD
CVSS 3.0
7.5
EPSS
9.1%
CVE-2015-4604 HIGH POC This Week

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python RCE PHP Denial Of Service Enterprise Linux Desktop +6
NVD
CVSS 3.0
7.5
EPSS
9.1%
CVE-2015-8874 HIGH POC This Week

Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Buffer Overflow Leap
NVD
CVSS 3.0
7.5
EPSS
4.1%
CVE-2015-8873 HIGH POC This Week

Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Leap
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2015-4644 HIGH This Week

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP PostgreSQL Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
9.9%
CVE-2015-6838 HIGH This Week

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP Libxml2
NVD
CVSS 3.0
7.5
EPSS
3.8%
CVE-2015-6837 HIGH This Week

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP Libxml2
NVD
CVSS 3.0
7.5
EPSS
3.8%
CVE-2014-0236 HIGH This Week

file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2016-3185 HIGH This Week

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service PHP
NVD
CVSS 3.0
7.1
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy