CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7568 – Gentoo Linux Security Advisory 201612-09
https://notcve.org/view.php?id=CVE-2016-7568
28 Sep 2016 — Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls. Desbordamiento de entero en la función gdImageWebpCtx en gd_webp.c en la GD Graphics Library (también conocido como libgd) hasta la versión 2.2.3, tal como se utiliza en PHP hasta la versión 7.0.1... • http://www.debian.org/security/2016/dsa-3693 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 3%CPEs: 6EXPL: 0CVE-2016-6207 – php,gd: Integer overflow error within _gdContributionsAlloc()
https://notcve.org/view.php?id=CVE-2016-6207
22 Jul 2016 — Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. Desbordamiento de entero en la función _gdContributionsAlloc en gd_interpolation.c en GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.3 permite a atacantes remotos causar una denegación de servicio (escritura de memoria fuera ... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 2%CPEs: 3EXPL: 0CVE-2016-6132 – Gentoo Linux Security Advisory 201612-09
https://notcve.org/view.php?id=CVE-2016-6132
18 Jul 2016 — The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. La función gdImageCreateFromTgaCtx en GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.3 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de un archivo TGA manipulado. It was discovered that the GD library incorrectly handled certain malformed T... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 9%CPEs: 3EXPL: 0CVE-2016-6214 – Debian Security Advisory 3619-1
https://notcve.org/view.php?id=CVE-2016-6214
18 Jul 2016 — gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file. gd_tga.c en GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.3 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de un archivo TGA manipulado. It was discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked ... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 2%CPEs: 49EXPL: 0CVE-2016-5116 – Debian Security Advisory 3619-1
https://notcve.org/view.php?id=CVE-2016-5116
11 Jul 2016 — gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name. gd_xbm.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como se utiliza en ciertas configuraciones personalizadas PHP 5.5.x, permite a atacantes dependientes del context... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2016-6128 – gd: Invalid color index not properly handled
https://notcve.org/view.php?id=CVE-2016-6128
11 Jul 2016 — The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. La función gdImageCropThreshold en gd_crop.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.3, como se utiliza en PHP en versiones anteriores a 7.0.9, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a trav... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6161 – Debian Security Advisory 3619-1
https://notcve.org/view.php?id=CVE-2016-6161
11 Jul 2016 — The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. La función de salida en gd_gif_out.c en GD Graphics Library (también conocida como libgd) permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de una imagen manipulada. It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass(). A remote attacker could possi... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 15%CPEs: 62EXPL: 2CVE-2016-5766 – gd: Integer overflow in _gd2GetHeader() resulting in heap overflow
https://notcve.org/view.php?id=CVE-2016-5766
26 Jun 2016 — Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. Desbordamiento de entero en la función _gd2GetHeader en gd_gd2.c en la GD Graphics Library (también conocido como libgd) en versiones anter... • http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 3%CPEs: 41EXPL: 0CVE-2016-5767 – gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
https://notcve.org/view.php?id=CVE-2016-5767
26 Jun 2016 — Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. Desbordamiento de entero en la función gdImageCreate en gd.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.0.34... • http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 2%CPEs: 39EXPL: 1CVE-2013-7456 – gd: incorrect boundary adjustment in _gdContributionsCalc
https://notcve.org/view.php?id=CVE-2013-7456
27 May 2016 — gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. gd_interpolation.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.1.1, tal como se usa en PHP en versiones anteriores 5.5.36, 5.6.x en versiones an... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read •