CVSS: 9.8EPSS: 34%CPEs: 54EXPL: 2CVE-2015-4147 – php: SoapClient's __call() type confusion through unserialize()
https://notcve.org/view.php?id=CVE-2015-4147
04 Jun 2015 — The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue. El método SoapClient::__call en ext/soap/soap.c en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 no verifica que __default_headers es un array, lo que permite... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-19: Data Processing Errors CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 11%CPEs: 10EXPL: 4CVE-2015-1157 – Apple Security Advisory 2015-06-30-2
https://notcve.org/view.php?id=CVE-2015-1157
28 May 2015 — CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message. CoreText en Apple iOS 8.x hasta 8.3 permite a atacantes remotos causar una denegación de servicio (reinicio y interrupción de mensaje) a través de texto Unicode manipulado que no se maneja co... • https://github.com/perillamint/CVE-2015-1157 • CWE-17: DEPRECATED: Code •
CVSS: 4.3EPSS: 96%CPEs: 42EXPL: 1CVE-2015-4000 – LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
https://notcve.org/view.php?id=CVE-2015-4000
21 May 2015 — The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. El protocolo TLS 1.2 y anteriores, cuando una suite de cifrado DHE_EXPORT está habilitada en un servidor pero no en un cliente, no t... • https://github.com/fatlan/HAProxy-Keepalived-Sec-HighLoads • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 11%CPEs: 3EXPL: 3CVE-2014-8147 – ICU library 52 < 54 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-8147
05 May 2015 — The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. La función resolveImplicitLevels en common/ubidi.c en la implementación Unicode Bidirectional Algorithm en ICU4C en... • https://www.exploit-db.com/exploits/43887 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 3CVE-2014-8146 – ICU library 52 < 54 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-8146
05 May 2015 — The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. La función resolveImplicitLevels en common/ubidi.c en la implementación Unicode Bidirectional Algorithm en ICU4C en International Comp... • https://www.exploit-db.com/exploits/43887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2015-3416 – sqlite: stack buffer overflow in src/printf.c
https://notcve.org/view.php?id=CVE-2015-3416
24 Apr 2015 — The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. La función sqlite3VXPrintf en printf.c en SQLite anterior a 3.8.9 no maneja correctamente los valores de precisión y anchu... • http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 155EXPL: 0CVE-2015-3143 – curl: re-using authenticated connection when unauthenticated
https://notcve.org/view.php?id=CVE-2015-3143
22 Apr 2015 — cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a través de una solicitud no autenticada, un problema similar a CVE-2014-0015. It was discovered that libcurl could incorrectly reuse NTLM-authenticated connect... • http://advisories.mageia.org/MGASA-2015-0179.html • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 3%CPEs: 58EXPL: 1CVE-2015-2783 – php: buffer over-read in Phar metadata parsing
https://notcve.org/view.php?id=CVE-2015-2783
20 Apr 2015 — ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions. ext/phar/phar.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permite a atacantes remotos obte... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 6%CPEs: 61EXPL: 1CVE-2015-3330 – php: pipelined request executed in deinitialized interpreter under httpd 2.4
https://notcve.org/view.php?id=CVE-2015-3330
20 Apr 2015 — The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." La función php_handler en sapi/apache2handler/sapi_apache2.c en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8, cuando Apache HTTP S... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=809610f5ea38a83b284e1125d1fff129bdd615e7 • CWE-20: Improper Input Validation CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 45%CPEs: 67EXPL: 1CVE-2015-3329 – php: buffer overflow in phar_set_inode()
https://notcve.org/view.php?id=CVE-2015-3329
20 Apr 2015 — Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. Múltiples desbordamientos de buffer basado en pila en la función phar_set_inode en phar_internal.h en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permiten a atacantes remotos ejecutar código arbitrario a travé... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •