Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2015-6837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xslextfunctionphp function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used,...

7.5CVSS7.8AI score0.06574EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.37 views

Debian: Security Advisory (DLA-341-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.46801EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.49 views

Mageia: Security Advisory (MGASA-2015-0365)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.46801EPSS
Exploits7References5
Veracode
Veracode
added 2019/05/02 5:27 a.m.50 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...

9.8CVSS9.1AI score0.46801EPSS
Exploits8References8Affected Software1
Veracode
Veracode
added 2019/05/02 5:27 a.m.57 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...

9.8CVSS9.2AI score0.46801EPSS
Exploits8References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.62 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1633-1)

This update of PHP5 brings several security fixes. Security fixes : - CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 - CVE-2015-6832: A dangling pointer in the unserialization ...

9.8CVSS9.1AI score0.46801EPSS
Exploits7References28
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:31 a.m.42 views

Security Bulletin: Multiple vulnerabilities in php5 affect IBM Flex System Manager (FSM) (CVE-2015-6836, CVE-2015-6837, CVE-2015-6838)

Summary Multiple security vulnerabilities have been discovered in php5 that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2015-6836 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a typ...

7.5CVSS1.7AI score0.09798EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2016/07/14 12:0 a.m.104 views

PHP < 5.4.45, 5.5.x < 5.5.29, 5.6.x < 5.6.13 Multiple Vulnerabilities (Jul 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

9.8CVSS8.4AI score0.46801EPSS
Exploits8References7
CVE
CVE
added 2016/05/16 10:0 a.m.279 views

CVE-2015-6837

The vulnerability CVE-2015-6837/6838 is a NULL pointer dereference in PHP’s XSLTProcessor (ext/xsl/xsltprocessor.c) when using libxslt, triggered by valuePop() returning NULL without a check. Affected PHP versions are prior to 5.4.45, 5.5.x prior to 5.5.29, and 5.6.x prior to 5.6.13 when libxml2

7.5CVSS7.6AI score0.06574EPSS
Exploits0References6Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/10/27 12:0 a.m.75 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1818-1)

This update of PHP5 brings several security fixes. Security fixes : - CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 - CVE-2015-6836: A SOAP serializefunctioncall type confusio...

7.5CVSS8.6AI score0.09798EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2015/10/12 12:0 a.m.56 views

SUSE SLES11 Security Update : php5 (SUSE-SU-2015:1701-1)

The PHP5 script interpreter was updated to fix security issues : - CVE-2015-6836: A SOAP serializefunctioncall type confusion leading to remote code execution problem was fixed. bnc945428 - CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. bnc945412...

7.5CVSS8.7AI score0.09798EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/10/01 12:0 a.m.58 views

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2758-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2758-1 advisory. It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting ...

10CVSS8.9AI score0.46801EPSS
Exploits8References11
OpenVAS
OpenVAS
added 2015/10/01 12:0 a.m.72 views

Ubuntu: Security Advisory (USN-2758-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.46801EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2015/09/30 8:10 p.m.107 views

USN-2758-1: PHP vulnerabilities

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-5589 It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker cou...

10CVSS8.7AI score0.46801EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.59 views

openSUSE Security Update : php5 (openSUSE-2015-609)

The PHP5 script interpreter was updated to fix various security issues : - CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 - CVE-2015-6832: A dangling pointer in the...

9.8CVSS8.9AI score0.46801EPSS
Exploits7References17
OpenVAS
OpenVAS
added 2015/09/26 12:0 a.m.44 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2015:1628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.46801EPSS
Exploits7References1
Debian
Debian
added 2015/09/13 2:58 p.m.54 views

[SECURITY] [DSA 3358-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 https://www.debian.org/security/faq -...

9.8CVSS9.7AI score0.46801EPSS
Exploits7
Debian
Debian
added 2015/09/13 2:58 p.m.64 views

[SECURITY] [DSA 3358-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 https://www.debian.org/security/faq -...

7.5CVSS1.1AI score0.46801EPSS
Exploits7
Rows per page
Query Builder