CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

Oracle linux•added 2016/02/04 12:0 a.m.•95 views

php55-php security update

5.5.21-4 - fix more functions accept paths with NUL character 1213407 5.5.21-3 - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, 1213407 - fileinfo: fix denial of servic...

10CVSS0.6AI score0.69613EPSS

Exploits21

Oracle linux•added 2016/02/04 12:0 a.m.•78 views

php55 security and bug fix update

php55 2.0-1 - fix incorrect selinux contexts 1194336 php55-php 5.5.21-2.0.1 - add dtrace-utils as build dependency 5.5.21-2 - core: fix use-after-free vulnerability in the processnesteddata function unserialize CVE-2015-2787 - core: fix NUL byte injection in file name argument of moveuploadedfile...

10CVSS1.5AI score0.8832EPSS

Exploits34

OpenVAS•added 2016/01/20 12:0 a.m.•38 views

Amazon Linux: Security Advisory (ALAS-2016-640)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.3AI score0.08692EPSS

Exploits1References2

Tenable Nessus•added 2016/01/19 12:0 a.m.•38 views

Amazon Linux AMI : php56 / php55 (ALAS-2016-640)

The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an information lea...

9.1CVSS8AI score0.08692EPSS

Exploits1References2

Amazon•added 2016/01/18 12:0 a.m.•45 views

Medium: php56, php55

Issue Overview: The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an...

9.1CVSS8.7AI score0.08692EPSS

Exploits1

OpenVAS•added 2015/10/22 12:0 a.m.•53 views

Amazon Linux: Security Advisory (ALAS-2015-602)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.35455EPSS

Exploits7References4

Amazon•added 2015/10/20 12:0 a.m.•77 views

Medium: php55

Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...

9.8CVSS9.1AI score0.35455EPSS

Exploits7

OpenVAS•added 2015/09/08 12:0 a.m.•51 views

Amazon Linux: Security Advisory (ALAS-2015-494)

10CVSS8.3AI score0.8487EPSS

Exploits38References2

OpenVAS•added 2015/09/08 12:0 a.m.•31 views

Amazon Linux: Security Advisory (ALAS-2014-332)

5CVSS7.8AI score0.01128EPSS

Exploits1References2

OpenVAS•added 2015/09/08 12:0 a.m.•34 views

Amazon Linux: Security Advisory (ALAS-2014-362)