17 matches found

F5 Networks
added 2023/02/21 6:35 p.m., 51 views

K63712424: PHP vulnerability CVE-2015-8935

Security Advisory Description: The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against...

CVSS 6.1, AI score 6.9, EPSS 0.02959
Exploits: 0, Affected Software: 22
OpenVAS
added 2021/06/09 12:00 a.m., 34 views

SUSE: Security Advisory (SUSE-SU-2016:2013-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8, EPSS 0.09674
Exploits: 2, References: 8
OpenVAS
added 2021/06/09 12:00 a.m., 38 views

SUSE: Security Advisory (SUSE-SU-2016:2080-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8, EPSS 0.09844
Exploits: 11, References: 15
OpenVAS
added 2020/01/23 12:00 a.m., 52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS...

CVSS 10, AI score 8.2, EPSS 0.35438
Exploits: 15, References: 2
OpenVAS
added 2016/10/24 12:00 a.m., 29 views

F5 BIG-IP - PHP vulnerability CVE-2015-8935

F5 BIG-IP is prone to a vulnerability in PHP...

CVSS 6.1, AI score 6.7, EPSS 0.02959
Exploits: 0, References: 1
F5 Networks
added 2016/10/18 12:00 a.m., 48 views

SOL63712424 - PHP vulnerability CVE-2015-8935

Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS 6.1, AI score 2.4, EPSS 0.02959
Exploits: 0, References: 10
Cloud Foundry
added 2016/09/09 12:00 a.m., 93 views

USN-3045-1 PHP vulnerabilities | Cloud Foundry

USN-3045-1 PHP vulnerabilities. Medium. Vendor: PHP. Versions Affected: Cloud Foundry PHP buildpack versions prior to 4.3.18. Note: The PHP buildpack is patched from upstream PHP source. Description: It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker...

CVSS 9.8, AI score 9.1, EPSS 0.50427
Exploits: 26
Tenable Nessus
added 2016/09/02 12:00 a.m., 61 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2013-1)

php53 was updated to fix five security issues. These security issues were fixed: - CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows (bsc#986388). - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004). - CVE-2016-5772: Double Free Corruption in wddx_deserialize (bsc#986244). -...

CVSS 9.8, AI score 6.9, EPSS 0.09674
Exploits: 2, References: 16
Tenable Nessus
added 2016/09/02 12:00 a.m., 73 views

SUSE SLES11 Security Update : php5 (SUSE-SU-2016:2080-1)

php5 was updated to fix the following security issues: - CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener (bsc#991426). - CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE (bsc#991427). - CVE-2016-6289: Integer overflow leads to buffer overflow in...

CVSS 9.8, AI score 7, EPSS 0.09844
Exploits: 11, References: 37
OpenVAS
added 2016/08/17 12:00 a.m., 32 views

PHP < 5.4.38, 5.5.x < 5.5.22, 5.6.x < 5.6.6 XSS Vulnerability (Aug 2016) - Linux

PHP is prone to a cross-site scripting (XSS) vulnerability...

CVSS 6.1, AI score 7.1, EPSS 0.02959
Exploits: 0, References: 2
OpenVAS
added 2016/08/08 12:00 a.m., 64 views

Ubuntu: Security Advisory (USN-3045-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.2, EPSS 0.50427
Exploits: 26, References: 2
NVD
added 2016/08/07 10:59 a.m., 16 views

CVE-2015-8935

The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging ...

CVSS 6.1, AI score 7.2, EPSS 0.02959
Exploits: 0, References: 7
CVE
added 2016/08/07 10:00 a.m., 203 views

CVE-2015-8935

CVE-2015-8935 affects PHP’s sapi_header_op in main/SAPI.c, where legacy line folding is allowed without considering browser compatibility. This enables remote XSS against Internet Explorer via header folding payloads such as %0A%20 or %0D%0A%20. Affected PHP branches include 5.4.x up to 5.4.38, 5...

CVSS 6.1, AI score 6.9, EPSS 0.02959
Exploits: 0, References: 7, Affected Software: 1
Tenable Nessus
added 2016/08/03 12:00 a.m., 78 views

Ubuntu 14.04 LTS / 16.04 LTS : PHP vulnerabilities (USN-3045-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3045-1 advisory. It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to...

CVSS 9.8, AI score 8, EPSS 0.50427
Exploits: 26, References: 26
Ubuntu
added 2016/08/02 3:44 p.m., 128 views

USN-3045-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-4116 ...

CVSS 9.8, AI score 8, EPSS 0.50427
Exploits: 26
OpenVAS
added 2016/07/08 12:00 a.m., 59 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1761-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 7.2, EPSS 0.15484
Exploits: 10, References: 1
UbuntuCve
added 2016/06/21 12:00 a.m., 41 views

CVE-2015-8935

The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging ...

CVSS 6.1, AI score 6.8, EPSS 0.02959
Exploits: 0, References: 2