Filtered by vendor Php
Subscribe
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-6207 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. | |||||
CVE-2015-5589 | 1 Php | 1 Php | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call. | |||||
CVE-2016-5096 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | 8.6 HIGH |
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. | |||||
CVE-2016-6289 | 1 Php | 1 Php | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive. | |||||
CVE-2016-4345 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. | |||||
CVE-2015-4021 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive. | |||||
CVE-2015-4642 | 2 Microsoft, Php | 2 Windows, Php | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system function. | |||||
CVE-2016-7134 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call. | |||||
CVE-2015-4116 | 2 Opensuse, Php | 2 Leap, Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation. | |||||
CVE-2016-5116 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name. | |||||
CVE-2016-5094 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | 8.6 HIGH |
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. | |||||
CVE-2015-8390 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2016-5770 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. | |||||
CVE-2015-8387 | 3 Fedoraproject, Pcre, Php | 3 Fedora, Perl Compatible Regular Expression Library, Php | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
CVE-2014-8626 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding. | |||||
CVE-2014-2020 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226. | |||||
CVE-2014-8142 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019. | |||||
CVE-2013-7327 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2024-02-28 | 6.8 MEDIUM | N/A |
The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226. | |||||
CVE-2014-3668 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation. | |||||
CVE-2012-1171 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. |