Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.6.2 vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2016-3185
The make_http_soap_request function in ext/soap/php_http.c in PHP prior to 5.4.44, 5.5.x prior to 5.5.28, 5.6.x prior to 5.6.12, and 7.x prior to 7.0.4 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (type confusion a...
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.0
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
668
VMScore
CVE-2015-4116
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP prior to 5.5.27 and 5.6.x prior to 5.6.11 allows remote malicious users to execute arbitrary code by triggering a failed SplMinHeap::compare operation.
Opensuse Leap 42.1
Php Php 5.6.1
Php Php 5.6.5
Php Php 5.6.0
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
383
VMScore
CVE-2015-8838
ext/mysqlnd/mysqlnd.c in PHP prior to 5.4.43, 5.5.x prior to 5.5.27, and 5.6.x prior to 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle malicious users to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.21
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.5.12
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.23
Php Php 5.5.8
Php Php 5.5.24
Php Php 5.5.15
Php Php 5.5.11
Php Php 5.5.13
Php Php 5.5.4
Php Php 5.5.26
Php Php 5.5.10
668
VMScore
CVE-2015-3307
The phar_parse_metadata function in ext/phar/phar.c in PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8 allows remote malicious users to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Apple Mac Os X
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.19
Php Php 5.5.2
Php Php 5.5.20
Php Php 5.5.6
Php Php 5.5.7
Php Php 5.6.0
Php Php 5.6.6
Php Php 5.6.7
Php Php 5.5.9
Php Php 5.5.14
Php Php 5.5.18
445
VMScore
CVE-2015-4021
The phar_parse_tarfile function in ext/phar/tar.c in PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote malicious users to cause a denial of service (i...
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Apple Mac Os X
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.19
Php Php 5.5.2
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.6
Php Php 5.4.39
Php Php 5.5.12
Php Php 5.5.13
Php Php 5.5.22
668
VMScore
CVE-2015-4022
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Php Php
Php Php 5.4.39
Php Php 5.5.0
Php Php 5.5.11
Php Php 5.5.12
Php Php 5.5.21
Php Php 5.5.22
Php Php 5.5.7
Php Php 5.5.8
Php Php 5.6.0
Php Php 5.6.8
Php Php 5.5.9
Php Php 5.5.18
Php Php 5.5.19
Php Php 5.5.3
Php Php 5.5.4
446
VMScore
CVE-2015-4024
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9 allows remote malicious users to cause a denial of service (CPU consumption) via crafted form data that triggers...
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Apple Mac Os X
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.19
Php Php 5.5.2
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.6
Php Php
Php Php 5.5.10
Php Php 5.5.11
Php Php 5.5.20
Php Php 5.5.21
Php Php 5.5.6
Php Php 5.5.7
Php Php 5.5.8
Php Php 5.6.7
Php Php 5.6.8
2 Github repositories
668
VMScore
CVE-2015-4026
The pcntl_exec implementation in PHP prior to 5.4.41, 5.5.x prior to 5.5.25, and 5.6.x prior to 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote malicious users to bypass intended extension restrictions and execute files with unexpected name...
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Php Php 5.5.0
Php Php
Php Php 5.4.39
Php Php 5.5.11
Php Php 5.5.12
Php Php 5.5.21
Php Php 5.5.22
Php Php 5.5.8
Php Php 5.6.0
Php Php 5.6.8
Php Php 5.5.9
Php Php 5.5.18
Php Php 5.5.19
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.6.5
Php Php 5.5.1
Php Php 5.5.10
Php Php 5.5.2
668
VMScore
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
668
VMScore
CVE-2014-9705
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP prior to 5.4.38, 5.5.x prior to 5.5.22, and 5.6.x prior to 5.6.6 allows remote malicious users to execute arbitrary code via vectors that trigger creation of multiple dictionari...
Php Php 5.5.0
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.20
Php Php 5.5.21
Php Php 5.6.0
Php Php 5.6.1
Php Php 5.5.1
Php Php 5.5.10
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.6.4
Php Php 5.6.5
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.6.2
Php Php 5.6.3
Php Php
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »