CVSS: 9.8EPSS: 9%CPEs: 24EXPL: 0CVE-2015-8391 – pcre: inefficient posix character class syntax check (8.38/16)
https://notcve.org/view.php?id=CVE-2015-8391
02 Dec 2015 — The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. La función pcre_compile en pcre_compile.c en PCRE en versiones anteriores a 8.38 no maneja correctamente cierta anidación [: , lo que permite a atacantes remotos causar una denegación de servi... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-407: Inefficient Algorithmic Complexity •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 0CVE-2015-8383 – pcre: Buffer overflow caused by repeated conditional group (8.38/3)
https://notcve.org/view.php?id=CVE-2015-8383
02 Dec 2015 — PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente ciertos grupos condicionales repetidos, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer) o posiblemente tener otro ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2015-8387 – Ubuntu Security Notice USN-2943-1
https://notcve.org/view.php?id=CVE-2015-8387
02 Dec 2015 — PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. PCRE en versiones anteriores a 8.38 no maneja correctamente las llamadas de subrutina (?123) y las llamadas de subrutina relacionadas, lo que permite a atacantes remotos causar una denegación de servicio ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2015-7774
https://notcve.org/view.php?id=CVE-2015-7774
14 Nov 2015 — PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role. PC-EGG pWebManager en versiones anteriores a 3.3.10 y en versiones anteriores a 2.2.2 para PHP 4.x permite a usuarios remotos autenticados ejecutar comandos del SO arbitrarios aprovechando el rol editor. • http://jvn.jp/en/jp/JVN25323093/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 25%CPEs: 15EXPL: 0CVE-2015-7803 – php: NULL pointer dereference in phar_get_fp_offset()
https://notcve.org/view.php?id=CVE-2015-7803
28 Oct 2015 — The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist. La función phar_get_entry_data en ext/phar/util.c en PHP en versiones anteriores a 5.5.30 y 5.6.x en versiones anteriores a 5.6.14 permite a atacantes remotos causar una denegación de servicio (re... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 25%CPEs: 16EXPL: 0CVE-2015-7804 – php: uninitialized pointer in phar_make_dirstream()
https://notcve.org/view.php?id=CVE-2015-7804
28 Oct 2015 — Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive. Error por un paso en la función phar_parse_zipfile en ext/phar/zip.c en PHP en versiones anteriores a 5.5.30 y 5.6.x en versiones anteriores a 5.6.14 permite a atacantes remotos causar una denegación de servicio (referencia a un punte... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1ddf72180a52d247db88ea42a3e35f824a8fbda1 • CWE-189: Numeric Errors CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2015-6833 – php: Files from archive can be extracted outside of destination directory using phar
https://notcve.org/view.php?id=CVE-2015-6833
01 Oct 2015 — Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. Vulnerabilidad de salto de directorio en la clase PharData en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permite a atacantes remotos escribir a archivos arbitrarios a través d... • http://www.debian.org/security/2015/dsa-3344 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-6831 – php: Use After Free Vulnerability in unserialize()
https://notcve.org/view.php?id=CVE-2015-6831
01 Oct 2015 — Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization. Múltiples vulnerabilidades de uso después de liberación de memoria en SPL en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permiten a atacante... • http://www.debian.org/security/2015/dsa-3344 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 6%CPEs: 58EXPL: 0CVE-2015-6832 – php: dangling pointer in the unserialization of ArrayObject items
https://notcve.org/view.php?id=CVE-2015-6832
01 Oct 2015 — Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field. Vulnerabilidad de uso después de liberación de memoria en la implementación de SPL unserialize en ext/spl/spl_array.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.1... • http://www.debian.org/security/2015/dsa-3344 •
CVSS: 9.8EPSS: 20%CPEs: 63EXPL: 2CVE-2015-6835 – PHP Session Deserializer - Use-After-Free
https://notcve.org/view.php?id=CVE-2015-6835
15 Sep 2015 — The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content. La sesión deserializer en PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 y 5.6.x en versiones anteriores a 5.6.13 no es correctamente manejada en llamadas multiples php_var_unserialize, lo que permite a atacantes ... • https://www.exploit-db.com/exploits/38123 • CWE-416: Use After Free •