Search

Found 12 results in 359ms · Match type: Filtered list

| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-16642 | high | 7.5 | 8.5 | EXP | sles, debian, ubuntu | php, netapp | 9y ago | In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to … |
| CVE-2016-5399 | high | 7.8 | 8.8 | EXP | sles | php | 9y ago | The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary co… |
| CVE-2017-5630 | high | 7.5 | 8.5 | EXP | sles, debian | php | 10y ago | PEAR core file overwrite vulnerability |
| CVE-2016-6174 | high | 8.1 | 9.1 | EXP | | invisioncommunity, php | 10y ago | applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.… |
| CVE-2015-0273 | high | | 8.5 | EXP | | php | 11y ago | Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialize… |
| CVE-2013-6420 | high | | 8.5 | EXP | sles, suse, macos | php | 13y ago | The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 … |
| CVE-2012-3450 | low | | 3.6 | EXP | | php | 14y ago | pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote a… |
| CVE-2012-2386 | high | | 8.5 | EXP | | php | 14y ago | Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash)… |
| CVE-2012-2311 | high | | 8.5 | EXP | | php | 14y ago | sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sig… |
| CVE-2012-0830 | high | | 8.5 | EXP | | php | 15y ago | The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handl… |
| CVE-2011-1938 | high | | 8.5 | EXP | | php | 15y ago | Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname fo… |
| CVE-2011-1092 | high | | 8.5 | EXP | | php | 15y ago | Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the … |