Total
706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6207 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. | |||||
| CVE-2016-6174 | 2 Invisioncommunity, Php | 2 Invision Power Board, Php | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter. | |||||
| CVE-2016-6128 | 5 Canonical, Debian, Libgd and 2 more | 5 Ubuntu Linux, Debian Linux, Libgd and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. | |||||
| CVE-2016-5773 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object. | |||||
| CVE-2016-5772 | 4 Debian, Opensuse, Php and 1 more | 7 Debian Linux, Leap, Opensuse and 4 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. | |||||
| CVE-2016-5771 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. | |||||
| CVE-2016-5770 | 3 Debian, Opensuse, Php | 4 Debian Linux, Leap, Opensuse and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. | |||||
| CVE-2016-5769 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions. | |||||
| CVE-2016-5768 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception. | |||||
| CVE-2016-5767 | 2 Libgd, Php | 2 Libgd, Php | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. | |||||
| CVE-2016-5766 | 6 Debian, Fedoraproject, Freebsd and 3 more | 7 Debian Linux, Fedora, Freebsd and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. | |||||
| CVE-2016-5399 | 1 Php | 1 Php | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive. | |||||
| CVE-2016-5385 | 8 Debian, Drupal, Fedoraproject and 5 more | 14 Debian Linux, Drupal, Fedora and 11 more | 2024-11-21 | 5.1 MEDIUM | 8.1 HIGH |
| PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. | |||||
| CVE-2016-5116 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name. | |||||
| CVE-2016-5114 | 1 Php | 1 Php | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a long string, as demonstrated by a long URI in a configuration with custom REQUEST_URI logging. | |||||
| CVE-2016-5096 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. | |||||
| CVE-2016-5095 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094. | |||||
| CVE-2016-5094 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. | |||||
| CVE-2016-5093 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. | |||||
| CVE-2016-4544 | 4 Debian, Fedoraproject, Opensuse and 1 more | 5 Debian Linux, Fedora, Leap and 2 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. | |||||