Vulnerabilities > PHP

DATE CVE VULNERABILITY TITLE RISK
2016-05-22 CVE-2015-8876 Unspecified vulnerability in PHP
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
network
low complexity
php
critical
9.8
2016-05-22 CVE-2015-8867 Cryptographic Issues vulnerability in multiple products
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
network
low complexity
php canonical CWE-310
7.5
2016-05-22 CVE-2015-8866 XXE vulnerability in multiple products
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161.
network
low complexity
php canonical suse opensuse CWE-611
critical
9.6
2016-05-22 CVE-2014-9767 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.
4.3
2016-05-20 CVE-2016-4073 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call.
network
low complexity
php apple CWE-119
critical
9.8
2016-05-20 CVE-2016-4072 Improper Input Validation vulnerability in multiple products
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c.
network
low complexity
php apple CWE-20
critical
9.8
2016-05-20 CVE-2016-4071 Improper Input Validation vulnerability in multiple products
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
network
low complexity
php apple CWE-20
critical
9.8
2016-05-20 CVE-2016-4070 Numeric Errors vulnerability in PHP
Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function.
network
low complexity
php CWE-189
7.5
2016-05-20 CVE-2015-8865 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.
local
low complexity
php apple CWE-119
7.3
2016-05-16 CVE-2016-3185 Improper Input Validation vulnerability in PHP
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
local
low complexity
php CWE-20
7.1