CVSS: 8.1EPSS: 2%CPEs: 102EXPL: 0CVE-2016-3171
https://notcve.org/view.php?id=CVE-2016-3171
12 Apr 2016 — Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation. Drupal 6.x en versiones anteriores a 6.38, cuando se utiliza con PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 o 5.6.x en versiones anteriores a 5.6.13, podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con el truncado de datos ... • http://www.debian.org/security/2016/dsa-3498 • CWE-19: Data Processing Errors •
CVSS: 9.8EPSS: 6%CPEs: 21EXPL: 1CVE-2016-3141 – php: Use after free in WDDX Deserialize when processing XML data
https://notcve.org/view.php?id=CVE-2016-3141
31 Mar 2016 — Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element. Vulnerabilidad de uso después de liberación de memoria en wddx.c en la extensión WDDX en PHP en versiones anteriores a 5.5.33 y 5.6.x en versiones anteriores a 5.6.19 permite a atacante... • https://github.com/peternguyen93/CVE-2016-3141 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 8.2EPSS: 11%CPEs: 21EXPL: 0CVE-2016-3142 – php: Out-of-bounds read in phar_parse_zipfile()
https://notcve.org/view.php?id=CVE-2016-3142
31 Mar 2016 — The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location. La función phar_parse_zipfile en zip.c en la extensión PHAR en PHP en versiones anteriores a 5.5.33 y 5.6.x en versiones anteriores a 5.6.19 permite a atacantes remotos obtener información sensible ... • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 8%CPEs: 28EXPL: 1CVE-2016-1903 – php: Out-of-bounds memory read via gdImageRotateInterpolated
https://notcve.org/view.php?id=CVE-2016-1903
19 Jan 2016 — The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function. La función gdImageRotateInterpolated en ext/gd/libgd/gd_interpolation.c en PHP en versiones anteriores a 5.5.31, 5.6.x en versiones anteriores a 5.6.17 y 7.x en versiones anteriores a 7.... • http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2015-7774
https://notcve.org/view.php?id=CVE-2015-7774
14 Nov 2015 — PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role. PC-EGG pWebManager en versiones anteriores a 3.3.10 y en versiones anteriores a 2.2.2 para PHP 4.x permite a usuarios remotos autenticados ejecutar comandos del SO arbitrarios aprovechando el rol editor. • http://jvn.jp/en/jp/JVN25323093/index.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 4%CPEs: 15EXPL: 0CVE-2015-7803 – php: NULL pointer dereference in phar_get_fp_offset()
https://notcve.org/view.php?id=CVE-2015-7803
28 Oct 2015 — The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist. La función phar_get_entry_data en ext/phar/util.c en PHP en versiones anteriores a 5.5.30 y 5.6.x en versiones anteriores a 5.6.14 permite a atacantes remotos causar una denegación de servicio (re... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 4%CPEs: 16EXPL: 0CVE-2015-7804 – php: uninitialized pointer in phar_make_dirstream()
https://notcve.org/view.php?id=CVE-2015-7804
28 Oct 2015 — Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive. Error por un paso en la función phar_parse_zipfile en ext/phar/zip.c en PHP en versiones anteriores a 5.5.30 y 5.6.x en versiones anteriores a 5.6.14 permite a atacantes remotos causar una denegación de servicio (referencia a un punte... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1ddf72180a52d247db88ea42a3e35f824a8fbda1 • CWE-189: Numeric Errors CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 1%CPEs: 58EXPL: 0CVE-2015-6832 – php: dangling pointer in the unserialization of ArrayObject items
https://notcve.org/view.php?id=CVE-2015-6832
01 Oct 2015 — Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field. Vulnerabilidad de uso después de liberación de memoria en la implementación de SPL unserialize en ext/spl/spl_array.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.1... • http://www.debian.org/security/2015/dsa-3344 •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2015-6833 – php: Files from archive can be extracted outside of destination directory using phar
https://notcve.org/view.php?id=CVE-2015-6833
01 Oct 2015 — Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. Vulnerabilidad de salto de directorio en la clase PharData en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permite a atacantes remotos escribir a archivos arbitrarios a través d... • http://www.debian.org/security/2015/dsa-3344 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 5EXPL: 0CVE-2015-6831 – php: Use After Free Vulnerability in unserialize()
https://notcve.org/view.php?id=CVE-2015-6831
01 Oct 2015 — Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization. Múltiples vulnerabilidades de uso después de liberación de memoria en SPL en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permiten a atacante... • http://www.debian.org/security/2015/dsa-3344 • CWE-416: Use After Free •