[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-4643":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":78,"duplicate_of":9,"upstream":79,"downstream":80,"duplicates":107,"related":108,"reserved_at":9,"published_at":113,"modified_at":114,"state":115,"summary":116,"references_raw":124,"kevs":192,"epss":193,"epss_history":196,"metrics":454,"affected":463},"CVE-2015-4643","Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":9,"platforms":77,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_EF640AB1C6144236","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=69545","unknown",0.2,false,[],[],[],[81,83,85,87,89,91,93,95,97,99,101,103,105],{"_key":82},"RHSA-2015:1135",{"_key":84},"RHSA-2015:1186",{"_key":86},"RHSA-2015:1187",{"_key":88},"RHSA-2015:1218",{"_key":90},"RHSA-2015:1219",{"_key":92},"SUSE-SU-2015:1253-1",{"_key":94},"SUSE-SU-2015:1253-2",{"_key":96},"SUSE-SU-2016:1638-1",{"_key":98},"DLA-307-1",{"_key":100},"DSA-3344-1",{"_key":102},"MGASA-2015-0258",{"_key":104},"UBUNTU-CVE-2015-4643",{"_key":106},"USN-2658-1",[],[109,110,111,112],{"_key":92},{"_key":94},{"_key":96},{"_key":102},"2016-05-16T10:00:00.000Z","2024-08-06T06:18:12.092Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":117,"epss_score":118,"severity":119,"severity_score":120,"severity_version":121,"severity_source":122,"severity_vector":123,"severity_status":115},"low",0.08663,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[125,133,139,145,149,154,158,165,170,175,179,184,188],{"url":126,"sources":127,"tags":129},"http://rhn.redhat.com/errata/RHSA-2015-1187.html",[128,122],"cve.org",[130,131,132],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":73,"sources":134,"tags":135},[128,122],[136,137,138,130],"X Refsource CONFIRM","Exploit","Issue Tracking",{"url":140,"sources":141,"tags":142},"http://www.securitytracker.com/id/1032709",[128,122],[143,144,132],"VDB Entry","X Refsource SECTRACK",{"url":146,"sources":147,"tags":148},"http://rhn.redhat.com/errata/RHSA-2015-1186.html",[128,122],[130,131,132],{"url":150,"sources":151,"tags":152},"http://www.debian.org/security/2015/dsa-3344",[128,122],[130,153,132],"X Refsource DEBIAN",{"url":155,"sources":156,"tags":157},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[128,122],[136,132],{"url":159,"sources":160,"tags":161},"http://openwall.com/lists/oss-security/2015/06/18/6",[128,122],[162,163,164,132],"Mailing List","X Refsource MLIST","Patch",{"url":166,"sources":167,"tags":168},"http://php.net/ChangeLog-5.php",[128,122],[136,169,130],"Release Notes",{"url":171,"sources":172,"tags":173},"http://www.securityfocus.com/bid/75291",[128,122],[143,174,132],"X Refsource BID",{"url":176,"sources":177,"tags":178},"http://rhn.redhat.com/errata/RHSA-2015-1135.html",[128,122],[130,131,132],{"url":180,"sources":181,"tags":182},"https://security.gentoo.org/glsa/201606-10",[128,122],[130,183,132],"X Refsource GENTOO",{"url":185,"sources":186,"tags":187},"http://rhn.redhat.com/errata/RHSA-2015-1218.html",[128,122],[130,131,132],{"url":189,"sources":190,"tags":191},"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2",[128,122],[136],[],{"date":194,"score":118,"percentile":195},"2026-06-04",0.92601,[197,200,203,206,209,211,214,216,219,222,225,228,231,234,236,239,242,245,248,251,254,257,260,262,265,267,270,273,277,280,283,286,289,292,295,298,301,304,307,310,312,315,318,321,324,327,330,333,335,337,340,343,346,349,353,356,359,362,365,368,371,373,376,379,382,384,387,390,393,396,398,400,403,406,409,412,415,417,419,422,425,428,431,434,437,440,443,445,448,451],{"date":198,"score":118,"percentile":199},"2025-11-04",0.92059,{"date":201,"score":118,"percentile":202},"2025-11-05",0.9206,{"date":204,"score":118,"percentile":205},"2025-11-06",0.92062,{"date":207,"score":118,"percentile":208},"2025-11-07",0.92065,{"date":210,"score":118,"percentile":205},"2025-11-08",{"date":212,"score":118,"percentile":213},"2025-11-09",0.92061,{"date":215,"score":118,"percentile":205},"2025-11-10",{"date":217,"score":118,"percentile":218},"2025-11-11",0.92068,{"date":220,"score":118,"percentile":221},"2025-11-12",0.92073,{"date":223,"score":118,"percentile":224},"2025-11-13",0.92076,{"date":226,"score":118,"percentile":227},"2025-11-14",0.92077,{"date":229,"score":118,"percentile":230},"2025-11-15",0.92074,{"date":232,"score":118,"percentile":233},"2025-11-16",0.92081,{"date":235,"score":118,"percentile":233},"2025-11-17",{"date":237,"score":118,"percentile":238},"2025-11-18",0.91587,{"date":240,"score":118,"percentile":241},"2025-11-19",0.91592,{"date":243,"score":118,"percentile":244},"2025-11-20",0.91597,{"date":246,"score":118,"percentile":247},"2025-11-21",0.9209,{"date":249,"score":118,"percentile":250},"2025-11-22",0.92089,{"date":252,"score":118,"percentile":253},"2025-11-23",0.92095,{"date":255,"score":118,"percentile":256},"2025-11-24",0.92096,{"date":258,"score":118,"percentile":259},"2025-11-25",0.92098,{"date":261,"score":118,"percentile":259},"2025-11-26",{"date":263,"score":118,"percentile":264},"2025-11-27",0.92097,{"date":266,"score":118,"percentile":250},"2025-11-28",{"date":268,"score":118,"percentile":269},"2025-11-29",0.92108,{"date":271,"score":118,"percentile":272},"2025-11-30",0.92106,{"date":274,"score":275,"percentile":276},"2025-12-01",0.07859,0.91706,{"date":278,"score":275,"percentile":279},"2025-12-02",0.91708,{"date":281,"score":275,"percentile":282},"2025-12-03",0.9171,{"date":284,"score":118,"percentile":285},"2025-12-04",0.92111,{"date":287,"score":118,"percentile":288},"2025-12-05",0.92112,{"date":290,"score":118,"percentile":291},"2025-12-06",0.92118,{"date":293,"score":118,"percentile":294},"2025-12-07",0.92116,{"date":296,"score":118,"percentile":297},"2025-12-08",0.92117,{"date":299,"score":118,"percentile":300},"2025-12-09",0.92121,{"date":302,"score":118,"percentile":303},"2025-12-10",0.9213,{"date":305,"score":118,"percentile":306},"2025-12-11",0.92133,{"date":308,"score":118,"percentile":309},"2025-12-12",0.92137,{"date":311,"score":118,"percentile":303},"2025-12-13",{"date":313,"score":118,"percentile":314},"2025-12-14",0.92127,{"date":316,"score":118,"percentile":317},"2025-12-15",0.92129,{"date":319,"score":118,"percentile":320},"2025-12-16",0.92138,{"date":322,"score":118,"percentile":323},"2025-12-17",0.92144,{"date":325,"score":118,"percentile":326},"2025-12-18",0.92148,{"date":328,"score":118,"percentile":329},"2025-12-19",0.92151,{"date":331,"score":118,"percentile":332},"2025-12-20",0.9215,{"date":334,"score":118,"percentile":329},"2025-12-21",{"date":336,"score":118,"percentile":329},"2025-12-22",{"date":338,"score":118,"percentile":339},"2025-12-23",0.92152,{"date":341,"score":118,"percentile":342},"2025-12-24",0.92156,{"date":344,"score":118,"percentile":345},"2025-12-25",0.92161,{"date":347,"score":118,"percentile":348},"2025-12-26",0.92162,{"date":350,"score":351,"percentile":352},"2025-12-27",0.04609,0.8895,{"date":354,"score":118,"percentile":355},"2025-12-28",0.92159,{"date":357,"score":118,"percentile":358},"2025-12-29",0.92155,{"date":360,"score":118,"percentile":361},"2025-12-30",0.9216,{"date":363,"score":118,"percentile":364},"2025-12-31",0.92167,{"date":366,"score":275,"percentile":367},"2026-01-01",0.91776,{"date":369,"score":275,"percentile":370},"2026-01-02",0.91771,{"date":372,"score":275,"percentile":370},"2026-01-03",{"date":374,"score":118,"percentile":375},"2026-01-04",0.92172,{"date":377,"score":118,"percentile":378},"2026-01-05",0.92171,{"date":380,"score":118,"percentile":381},"2026-01-06",0.92173,{"date":383,"score":118,"percentile":381},"2026-01-07",{"date":385,"score":118,"percentile":386},"2026-01-08",0.92177,{"date":388,"score":118,"percentile":389},"2026-01-09",0.92179,{"date":391,"score":118,"percentile":392},"2026-01-10",0.92181,{"date":394,"score":118,"percentile":395},"2026-01-11",0.92175,{"date":397,"score":118,"percentile":395},"2026-01-12",{"date":399,"score":118,"percentile":395},"2026-01-13",{"date":401,"score":118,"percentile":402},"2026-01-14",0.92186,{"date":404,"score":118,"percentile":405},"2026-01-15",0.92188,{"date":407,"score":118,"percentile":408},"2026-01-16",0.9219,{"date":410,"score":118,"percentile":411},"2026-01-17",0.92193,{"date":413,"score":118,"percentile":414},"2026-01-18",0.92187,{"date":416,"score":118,"percentile":414},"2026-01-19",{"date":418,"score":118,"percentile":408},"2026-01-20",{"date":420,"score":118,"percentile":421},"2026-01-21",0.92195,{"date":423,"score":118,"percentile":424},"2026-01-22",0.92199,{"date":426,"score":118,"percentile":427},"2026-01-23",0.92207,{"date":429,"score":118,"percentile":430},"2026-01-24",0.92213,{"date":432,"score":118,"percentile":433},"2026-01-25",0.92216,{"date":435,"score":118,"percentile":436},"2026-01-26",0.92219,{"date":438,"score":118,"percentile":439},"2026-01-27",0.92221,{"date":441,"score":118,"percentile":442},"2026-01-28",0.92224,{"date":444,"score":118,"percentile":442},"2026-01-29",{"date":446,"score":118,"percentile":447},"2026-01-30",0.92222,{"date":449,"score":118,"percentile":450},"2026-01-31",0.9222,{"date":452,"score":275,"percentile":453},"2026-02-01",0.91824,[455],{"source":122,"cvss_v2_0":456,"cvss_v3_0":461,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":457,"baseSeverity":9,"vectorString":458,"impactScore":459,"exploitabilityScore":460},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":120,"baseSeverity":462,"vectorString":123,"impactScore":120,"exploitabilityScore":460},"CRITICAL",[464,475,483,500,508,514,526,540,547],{"ecosystem":9,"name":465,"vendor":466,"product":467,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":469},"debian linux","debian","debian_linux","o",[470,473],{"version":471,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0","cpe",{"version":474,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":476,"vendor":477,"product":476,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":478},"linux","oracle",[479,481],{"version":480,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":482,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7:0",{"ecosystem":9,"name":484,"vendor":9,"product":484,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":485},"PHP",[486,491,496],{"version":487,"is_range":488,"range_type":472,"version_start":9,"version_start_type":9,"version_end":489,"version_end_type":490,"fixed_in":9},"lt5.4.42",true,"5.4.42","excluding",{"version":492,"is_range":488,"range_type":472,"version_start":493,"version_start_type":494,"version_end":495,"version_end_type":490,"fixed_in":9},"gte5.5.0_lt5.5.26","5.5.0","including","5.5.26",{"version":497,"is_range":488,"range_type":472,"version_start":498,"version_start_type":494,"version_end":499,"version_end_type":490,"fixed_in":9},"gte5.6.0_lt5.6.10","5.6.0","5.6.10",{"ecosystem":9,"name":501,"vendor":502,"product":503,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":504},"enterprise linux desktop","redhat","enterprise_linux_desktop",[505,507],{"version":506,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":471,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":509,"vendor":502,"product":510,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":511},"enterprise linux server","enterprise_linux_server",[512,513],{"version":506,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":471,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":515,"vendor":502,"product":516,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":517},"enterprise linux server aus","enterprise_linux_server_aus",[518,520,522,524],{"version":519,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.6",{"version":521,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.3",{"version":523,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.4",{"version":525,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":527,"vendor":502,"product":528,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"enterprise linux server eus","enterprise_linux_server_eus",[530,531,533,535,536,537,539],{"version":519,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":532,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1",{"version":534,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.2",{"version":521,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":523,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":538,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"version":525,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":541,"vendor":502,"product":542,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"enterprise linux server tus","enterprise_linux_server_tus",[544,545,546],{"version":519,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":521,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":525,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":548,"vendor":502,"product":549,"cpe_part":468,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":550},"enterprise linux workstation","enterprise_linux_workstation",[551,552],{"version":506,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":471,"is_range":76,"range_type":472,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]