# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2015-8394 |
190 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
2 |
CVE-2015-8391 |
119 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
9.0 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Complete |
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
3 |
CVE-2015-8389 |
119 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
4 |
CVE-2015-8387 |
190 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
5 |
CVE-2015-8386 |
119 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
6 |
CVE-2015-8383 |
119 |
|
DoS Overflow |
2015-12-02 |
2023-02-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
7 |
CVE-2015-4022 |
189 |
|
Exec Code Overflow |
2015-06-09 |
2019-04-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. |
8 |
CVE-2015-3416 |
190 |
|
DoS Overflow |
2015-04-24 |
2022-08-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. |
9 |
CVE-2015-3329 |
119 |
|
Exec Code Overflow |
2015-06-09 |
2019-12-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. |
10 |
CVE-2015-3307 |
119 |
|
DoS Overflow |
2015-06-09 |
2019-04-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive. |
11 |
CVE-2015-2783 |
119 |
|
DoS Overflow +Info |
2015-06-09 |
2019-04-22 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions. |
12 |
CVE-2015-2331 |
189 |
|
DoS Exec Code Overflow |
2015-03-30 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. |
13 |
CVE-2015-2305 |
190 |
|
Exec Code Overflow |
2015-03-30 |
2022-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. |
14 |
CVE-2015-0235 |
787 |
|
Exec Code Overflow |
2015-01-28 |
2022-07-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." |
15 |
CVE-2014-9709 |
119 |
|
DoS Overflow |
2015-03-30 |
2022-11-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. |
16 |
CVE-2014-9705 |
119 |
|
Exec Code Overflow |
2015-03-30 |
2018-01-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries. |
17 |
CVE-2014-9652 |
119 |
|
DoS Overflow |
2015-03-30 |
2017-07-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. |
18 |
CVE-2014-9427 |
119 |
|
Exec Code Overflow +Info |
2015-01-03 |
2016-12-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping. |