php

756 tracked vulnerabilities.

CVE-2015-8394 CRITICAL
PCRE < 8.38 - Integer Overflow via Crafted Regular Expression
Dec 02, 2015
CVSS 9.8
EPSS 0.02
CVE-2015-8393 HIGH
PCRE < 8.37 - Information Exposure via pcregrep -q Option
Dec 02, 2015
CVSS 7.5
EPSS 0.01
CVE-2015-8391 CRITICAL
PCRE < 8.38 - Denial of Service via Crafted Regular Expression with Nested [:
Dec 02, 2015
CVSS 9.8
EPSS 0.06
CVE-2015-8390 CRITICAL
PCRE < 8.37 - Denial of Service via Crafted Regular Expression
Dec 02, 2015
CVSS 9.8
EPSS 0.03
CVE-2015-8389 CRITICAL
PCRE < 8.37 - Denial of Service via Recursive Regular Expression Pattern
Dec 02, 2015
CVSS 9.8
EPSS 0.03
CVE-2015-8387 HIGH
PCRE < 8.38 - Integer Overflow via Subroutine Call in Regular Expression
Dec 02, 2015
CVSS 7.3
EPSS 0.01
CVE-2015-8386 CRITICAL
PCRE < 8.38 - Buffer Overflow via Lookbehind Assertions and Mutually Recursive Subpatterns
Dec 02, 2015
CVSS 9.8
EPSS 0.08
CVE-2015-8383 CRITICAL
PCRE < 8.37 - Buffer Overflow via Repeated Conditional Groups
Dec 02, 2015
CVSS 9.8
EPSS 0.02
CVE-2015-4148
Apple Mac OS X < 10.10.4 - Improper Input Validation
Jun 09, 2015
EPSS 0.12
CVE-2015-4147
PHP <5.4.39, <5.5.23, <5.6.7 - Remote Code Execution
Jun 09, 2015
EPSS 0.48
CVE-2015-4026
PHP <5.4.41, <5.5.25, <5.6.9 - Path Traversal
Jun 09, 2015
EPSS 0.03
CVE-2015-4025
PHP <5.4.41, <5.5.25, <5.6.9 - Info Disclosure
Jun 09, 2015
EPSS 0.08
CVE-2015-4024
Redhat Enterprise Linux < 10.10.4 - Resource Management Error
Jun 09, 2015
EPSS 0.70
CVE-2015-4022
Redhat Enterprise Linux Desktop < 5.4.40 - Numeric Error
Jun 09, 2015
EPSS 0.12
CVE-2015-4021
Redhat Enterprise Linux Desktop < 10.10.4 - Numeric Error
Jun 09, 2015
EPSS 0.27
CVE-2015-3330
PHP <5.4.40, <5.5.24, <5.6.8 - DoS
Jun 09, 2015
EPSS 0.39
CVE-2015-3329
PHP <5.4.40, <5.5.24, <5.6.8 - Buffer Overflow
Jun 09, 2015
EPSS 0.29
CVE-2015-3307
PHP < 5.4.40 - Heap Metadata Corruption via Crafted Tar Archive
Jun 09, 2015
EPSS 0.18
CVE-2015-2783
PHP < 5.4.40, 5.5.x < 5.5.24, 5.6.x < 5.6.8 - Buffer Over-Read via Crafted Phar Archive Metadata
Jun 09, 2015
EPSS 0.10
CVE-2015-3416
SQLite <3.8.9 - DoS
Apr 24, 2015
EPSS 0.07
CVE-2015-3415
SQLite <3.8.9 - DoS
Apr 24, 2015
EPSS 0.08
CVE-2015-3414
SQLite < 3.8.9 - Denial of Service via Crafted COLLATE Clause
Apr 24, 2015
EPSS 0.08
CVE-2015-2787
PHP < 5.4.39 - Use-After-Free via Unserialize with __wakeup Function
Mar 30, 2015
EPSS 0.26
CVE-2015-2348
Redhat Enterprise Linux Desktop < 10.10.5 - Access Control
Mar 30, 2015
EPSS 0.06
CVE-2015-2331
libzip < 0.11.2 - Integer Overflow to Heap-Based Buffer Overflow in _zip_cdir_new
Mar 30, 2015
EPSS 0.43
Products
php 723 pear 5 archive_tar 4 frankenphp 2 pearweb 2 php_script_index 2 animated_smiley_generator 1 ar_memberscript 1 blog_cms 1 bloq 1 com_extensions 1 directory_listing_script 1 errordocs 1 ext-http 1 f1_maxs_file_uploader 1 imagick 1 memcached 1 mysql_banner_exchange 1 mysql_extension 1 pear_archive_tar 1 pecl_http 1 php_fi 1 phpsquidpass 1 xhprof 1 xml_rpc 1
Quick Filters
Critical CVEs With Exploits In CISA KEV