CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2016-5770 – php: Int/size_t confusion in SplFileObject::fread
https://notcve.org/view.php?id=CVE-2016-5770
26 Jun 2016 — Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. Desbordamiento de entero en la función SplFileObject::fread en spl_directory.c en la extensión SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores 5.6.23 permite a atacantes remotos provocar... • http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1 • CWE-190: Integer Overflow or Wraparound CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.6EPSS: 3%CPEs: 39EXPL: 1CVE-2013-7456 – gd: incorrect boundary adjustment in _gdContributionsCalc
https://notcve.org/view.php?id=CVE-2013-7456
27 May 2016 — gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. gd_interpolation.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.1.1, tal como se usa en PHP en versiones anteriores 5.5.36, 5.6.x en versiones an... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read •
CVSS: 8.6EPSS: 2%CPEs: 38EXPL: 1CVE-2016-5093 – php: improper nul termination leading to out-of-bounds read in get_icu_value_internal
https://notcve.org/view.php?id=CVE-2016-5093
27 May 2016 — The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. La función get_icu_value_internal en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.36, 5.6.x en versiones anteriores a 5.6.22 y 7.x ... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read CWE-170: Improper Null Termination •
CVSS: 9.8EPSS: 9%CPEs: 6EXPL: 1CVE-2016-3132 – Ubuntu Security Notice USN-2984-1
https://notcve.org/view.php?id=CVE-2016-3132
24 May 2016 — Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index. Vulnerabilidad de liberación de doble liberación en la función SplDoublyLinkedList::offsetSet en ext/spl/spl_dllist.c en PHP 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos ejecutar un código arbitrario a través de un índice manipulado. It was discovered that the PHP Fileinfo component incorrectly handl... • http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1 • CWE-415: Double Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8880
https://notcve.org/view.php?id=CVE-2015-8880
22 May 2016 — Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified impact by triggering an error. Doble vulnerabilidad libre en el formato printer en PHP 7.x en versiones anteriores a 7.0.1 permite a atacantes remotos tener un impacto no especificado desencadenando un error. • http://php.net/ChangeLog-7.php • CWE-415: Double Free •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2016-4346
https://notcve.org/view.php?id=CVE-2016-4346
22 May 2016 — Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. Desbordamiento de entero en la función str_pad en ext/standard/string.c en PHP en versiones anteriores a 7.0.4 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de una cadena larga, encabezando un d... • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-4344
https://notcve.org/view.php?id=CVE-2016-4344
22 May 2016 — Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow. Desbordamiento de entero en la función xml_utf8_encode en ext/xml/xml.c en PHP en versiones anteriores a 7.0.4 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un a... • http://php.net/ChangeLog-7.php • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.6EPSS: 0%CPEs: 13EXPL: 1CVE-2015-8866 – php: libxml_disable_entity_loader setting is shared between threads
https://notcve.org/view.php?id=CVE-2015-8866
22 May 2016 — ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161. ext/libxml/libxml.c en PHP en versiones anteriores a 5.5.22 y 5.6.x en versiones anteriores a 5.6.6, cuando se utiliza PHP-FPM, no aisla cada hilo de cambios libxml_dis... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=de31324c221c1791b26350ba106cc26bad23ace9 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-4345
https://notcve.org/view.php?id=CVE-2016-4345
22 May 2016 — Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow. Desbordamiento de entero en la función php_filter_encode_url en ext/filter/sanitizing_filters.c en PHP en versiones anteriores a 7.0.4 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificad... • http://php.net/ChangeLog-7.php • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4537 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4537
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 acepta un entero negativo para el argumento escala, lo que permite a a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •