Redhat

Enterprise Linux

1857 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 19.68%
  • Veröffentlicht 09.06.2015 18:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files wi...

  • EPSS 20.23%
  • Veröffentlicht 09.06.2015 18:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with...

Exploit
  • EPSS 50.13%
  • Veröffentlicht 09.06.2015 18:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form ...

Exploit
  • EPSS 20.84%
  • Veröffentlicht 09.06.2015 18:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ove...

Exploit
  • EPSS 21.4%
  • Veröffentlicht 09.06.2015 18:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a de...

Exploit
  • EPSS 14.08%
  • Veröffentlicht 09.06.2015 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or p...

Exploit
  • EPSS 38.43%
  • Veröffentlicht 09.06.2015 18:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) ph...

Exploit
  • EPSS 7.7%
  • Veröffentlicht 09.06.2015 18:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a craf...

Exploit
  • EPSS 10.88%
  • Veröffentlicht 09.06.2015 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length v...

  • EPSS 15.28%
  • Veröffentlicht 13.05.2015 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_...