CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2015-8394 – Ubuntu Security Notice USN-2943-1
https://notcve.org/view.php?id=CVE-2015-8394
02 Dec 2015 — PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente las condiciones (?() y (? • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 0CVE-2015-8383 – pcre: Buffer overflow caused by repeated conditional group (8.38/3)
https://notcve.org/view.php?id=CVE-2015-8383
02 Dec 2015 — PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente ciertos grupos condicionales repetidos, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer) o posiblemente tener otro ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 7%CPEs: 6EXPL: 0CVE-2015-8386 – pcre: Buffer overflow caused by lookbehind assertion (8.38/6)
https://notcve.org/view.php?id=CVE-2015-8386
02 Dec 2015 — PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente la interacción de aserciones lookbehind y de subpatrones mutuamente recursivos, lo que permite a atacantes remotos causar ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2015-8387 – Ubuntu Security Notice USN-2943-1
https://notcve.org/view.php?id=CVE-2015-8387
02 Dec 2015 — PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente las llamadas de subrutina (?123) y las llamadas de subrutina relacionadas, lo que permite a atacantes remotos causar una denegación de servicio ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 0CVE-2015-8389 – Ubuntu Security Notice USN-2943-1
https://notcve.org/view.php?id=CVE-2015-8389
02 Dec 2015 — PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente el patrón /(?:|a|){100}x/ y patrones relacionados, lo que permite a atacantes remotos causar una denegación de servicio (recursión infinita) o pos... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-185: Incorrect Regular Expression •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-8393 – Ubuntu Security Notice USN-2943-1
https://notcve.org/view.php?id=CVE-2015-8393
02 Dec 2015 — pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client. pcregrep en PCRE en versiones anteriores a 8.38 no maneja correctamente la opción -q para archivos binarios, lo que podría permitir a atacantes remotos obtener información sensible a través de un archivo manipulado, según lo demostrado por una secuencia de comandos CGI que envía datos... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 5%CPEs: 39EXPL: 0CVE-2015-4644 – php: NULL pointer dereference in php_pgsql_meta_data()
https://notcve.org/view.php?id=CVE-2015-4644
07 Jul 2015 — The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352. La función php_pgsql_meta_data en pgsql.c en la extensión PostgreSQL (también conocida como pgsq... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 9%CPEs: 27EXPL: 1CVE-2015-4643 – php: integer overflow in ftp_genlist() resulting in heap overflow (improved fix for CVE-2015-4022)
https://notcve.org/view.php?id=CVE-2015-4643
07 Jul 2015 — Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022. Desbordamiento de entero en la función ftp_genlist en ext/ftp/ftp.c en PHP en versiones anteriores a 5.4.42, 5.5.x en versiones anteriores a 5.5.26 y 5.6.x en versiones anter... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 41EXPL: 1CVE-2015-3411 – php: missing null byte checks for paths in various PHP extensions
https://notcve.org/view.php?id=CVE-2015-3411
23 Jun 2015 — PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files. PHP en versiones... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257 • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 7.5EPSS: 1%CPEs: 45EXPL: 0CVE-2015-4598 – php: missing null byte checks for paths in DOM and GD extensions
https://notcve.org/view.php?id=CVE-2015-4598
23 Jun 2015 — PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files. PHP en versiones anteriores a 5.4.42, 5.5.x en versiones anteriores a 5.... • http://php.net/ChangeLog-5.php • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •