CVSS: 9.8EPSS: 24%CPEs: 9EXPL: 1CVE-2016-5772 – php: Double Free Corruption in wddx_deserialize
https://notcve.org/view.php?id=CVE-2016-5772
26 Jun 2016 — Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. Vulnerabilidad de liberación doble en la función php_wddx_process_data en wddx.c en la extensión WDDX en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5... • http://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c?w=1 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 9.8EPSS: 20%CPEs: 41EXPL: 1CVE-2016-5773 – php: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
https://notcve.org/view.php?id=CVE-2016-5773
26 Jun 2016 — php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object. php_zip.c en la extension zip en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5.6.23 y 7.x en versiones anteriores 7.0.8 intera... • http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1 • CWE-416: Use After Free •
CVSS: 8.6EPSS: 2%CPEs: 31EXPL: 0CVE-2016-5095 – Ubuntu Security Notice USN-3045-1
https://notcve.org/view.php?id=CVE-2016-5095
14 Jun 2016 — Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094. Desbordamiento de entero en la función php_escape_html_entities_ex en ext/standard/html.c en PHP en versiones ant... • http://php.net/ChangeLog-5.php • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.6EPSS: 1%CPEs: 38EXPL: 1CVE-2016-5093 – php: improper nul termination leading to out-of-bounds read in get_icu_value_internal
https://notcve.org/view.php?id=CVE-2016-5093
27 May 2016 — The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. La función get_icu_value_internal en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.36, 5.6.x en versiones anteriores a 5.6.22 y 7.x ... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read CWE-170: Improper Null Termination •
CVSS: 8.6EPSS: 2%CPEs: 31EXPL: 0CVE-2016-5094 – php: Integer overflow in php_html_entities()
https://notcve.org/view.php?id=CVE-2016-5094
27 May 2016 — Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. Desbordamiento de entero en la función php_html_entities en ext/standard/html.c en PHP en versiones anteriores a 5.5.36 y 5.6.x en versiones anteriores a 5.6.22 permite a atacantes remotos provocar una denegación de servicio o... • http://php.net/ChangeLog-5.php • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.6EPSS: 2%CPEs: 31EXPL: 1CVE-2016-5096 – php: Integer underflow causing arbitrary null write in fread/gzread
https://notcve.org/view.php?id=CVE-2016-5096
27 May 2016 — Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. Desbordamiento de entero en la función fread en ext/standard/file.c en PHP en versiones anteriores a 5.5.36 y 5.6.x en versiones anteriores a 5.6.22 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a t... • http://php.net/ChangeLog-5.php • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 2%CPEs: 39EXPL: 1CVE-2013-7456 – gd: incorrect boundary adjustment in _gdContributionsCalc
https://notcve.org/view.php?id=CVE-2013-7456
27 May 2016 — gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. gd_interpolation.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.1.1, tal como se usa en PHP en versiones anteriores 5.5.36, 5.6.x en versiones an... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read •
CVSS: 9.6EPSS: 1%CPEs: 13EXPL: 1CVE-2015-8866 – php: libxml_disable_entity_loader setting is shared between threads
https://notcve.org/view.php?id=CVE-2015-8866
22 May 2016 — ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161. ext/libxml/libxml.c en PHP en versiones anteriores a 5.5.22 y 5.6.x en versiones anteriores a 5.6.6, cuando se utiliza PHP-FPM, no aisla cada hilo de cambios libxml_dis... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=de31324c221c1791b26350ba106cc26bad23ace9 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.5EPSS: 13%CPEs: 6EXPL: 0CVE-2015-8867 – php: openssl_random_pseudo_bytes() is not cryptographically secure
https://notcve.org/view.php?id=CVE-2015-8867
22 May 2016 — The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. La función openssl_random_pseudo_bytes en ext/openssl/openssl.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 se basa incorre... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=16023f3e3b9c06cf677c3c980e8d574e4c162827 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2015-8877 – gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches
https://notcve.org/view.php?id=CVE-2015-8877
22 May 2016 — The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. La función gdImageScaleTwoPass en gd_interpolation.c en el GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como es utilizado en PHP e... • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •