Filtered by vendor Php
Subscribe
Total
727 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5767 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. | |||||
| CVE-2016-6297 | 1 Php | 1 Php | 2018-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL. | |||||
| CVE-2016-7124 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call. | |||||
| CVE-2016-4073 | 2 Apple, Php | 2 Mac Os X, Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call. | |||||
| CVE-2016-5093 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | 8.6 HIGH |
| The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. | |||||
| CVE-2016-5094 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | 8.6 HIGH |
| Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. | |||||
| CVE-2016-4070 | 1 Php | 1 Php | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)." | |||||
| CVE-2016-5096 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | 8.6 HIGH |
| Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. | |||||
| CVE-2016-4071 | 2 Apple, Php | 2 Mac Os X, Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call. | |||||
| CVE-2016-3142 | 2 Apple, Php | 2 Mac Os X, Php | 2018-01-04 | 6.4 MEDIUM | 8.2 HIGH |
| The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location. | |||||
| CVE-2016-3141 | 2 Apple, Php | 2 Mac Os X, Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element. | |||||
| CVE-2016-1903 | 1 Php | 1 Php | 2018-01-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function. | |||||
| CVE-2015-8935 | 1 Php | 1 Php | 2018-01-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function. | |||||
| CVE-2015-4147 | 3 Apple, Php, Redhat | 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more | 2018-01-04 | 7.5 HIGH | N/A |
| The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue. | |||||
| CVE-2015-4148 | 3 Apple, Php, Redhat | 8 Mac Os X, Php, Enterprise Linux Desktop and 5 more | 2018-01-04 | 5.0 MEDIUM | N/A |
| The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue. | |||||
| CVE-2015-8877 | 2 Libgd, Php | 2 Libgd, Php | 2018-01-04 | 5.0 MEDIUM | 7.5 HIGH |
| The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. | |||||
| CVE-2016-2554 | 1 Php | 1 Php | 2018-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive. | |||||
| CVE-2015-4599 | 2 Php, Redhat | 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2018-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. | |||||
| CVE-2015-4600 | 2 Php, Redhat | 7 Php, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 4 more | 2018-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods. | |||||
| CVE-2015-8835 | 1 Php | 1 Php | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c. | |||||