National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:php:php:5.5.0:alpha3
There are 232 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2015-8878

main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses.

Published: May 21, 2016; 09:59:10 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 7.1 HIGH
CVE-2015-8877

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

Published: May 21, 2016; 09:59:09 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-8876

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.

Published: May 21, 2016; 09:59:07 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2015-8867

The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

Published: May 21, 2016; 09:59:06 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-8866

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161.

Published: May 21, 2016; 09:59:05 PM -04:00
V3.0: 9.6 CRITICAL
    V2: 6.8 MEDIUM
CVE-2014-9767

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.

Published: May 21, 2016; 09:59:00 PM -04:00
V3.0: 4.3 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-4073

Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.

Published: May 20, 2016; 07:00:18 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-4072

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c.

Published: May 20, 2016; 07:00:16 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-4071

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

Published: May 20, 2016; 07:00:15 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2016-4070

** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)."

Published: May 20, 2016; 07:00:14 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-8865

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.

Published: May 20, 2016; 06:59:00 AM -04:00
V3.0: 7.3 HIGH
    V2: 7.5 HIGH
CVE-2016-3185

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.

Published: May 16, 2016; 06:59:27 AM -04:00
V3.0: 7.1 HIGH
    V2: 6.4 MEDIUM
CVE-2016-2554

Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive.

Published: May 16, 2016; 06:59:26 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2015-8874

Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.

Published: May 16, 2016; 06:59:25 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-8873

Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls.

Published: May 16, 2016; 06:59:24 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152.

Published: May 16, 2016; 06:59:23 AM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-8835

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c.

Published: May 16, 2016; 06:59:22 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2015-6838

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.

Published: May 16, 2016; 06:59:21 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-6837

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.

Published: May 16, 2016; 06:59:20 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2015-6835

The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.

Published: May 16, 2016; 06:59:19 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH