Redhat

Enterprise Linux Hpc Node

146 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-4601

  • EPSS 21.38%
  • Veröffentlicht 16.05.2016 10:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c,...

10

CVE-2015-4600

Exploit
  • EPSS 10.74%
  • Veröffentlicht 16.05.2016 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type ...

10

CVE-2015-4599

Exploit
  • EPSS 6.57%
  • Veröffentlicht 16.05.2016 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrar...

7.5

CVE-2015-4598

  • EPSS 1.19%
  • Veröffentlicht 16.05.2016 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument...

5.3

CVE-2015-3412

Exploit
  • EPSS 1.01%
  • Veröffentlicht 16.05.2016 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_pat...

6.5

CVE-2015-3411

Exploit
  • EPSS 0.26%
  • Veröffentlicht 16.05.2016 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument ...

5.5

CVE-2016-3718

Warnung
  • EPSS 79.25%
  • Veröffentlicht 05.05.2016 18:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.

7.1

CVE-2016-3717

  • EPSS 26.22%
  • Veröffentlicht 05.05.2016 18:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.

4.3

CVE-2016-3716

Exploit
  • EPSS 17.35%
  • Veröffentlicht 05.05.2016 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.

5.8

CVE-2016-3715

Warnung Exploit
  • EPSS 79.8%
  • Veröffentlicht 05.05.2016 18:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.