CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 1CVE-2018-10546 – php: Infinite loop in ext/iconv/iconv.c when using stream filter with convert.incov on invalid sequence leads to denial-of-service
https://notcve.org/view.php?id=CVE-2018-10546
29 Apr 2018 — An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.36, versiones 7.0.x anteriores a la 7.0.30, versiones 7.1.x anteriores a la 7.1.17 y versiones 7.2.x anteriores a la 7.2.5. Existe un bucle infinito en ext/iconv/iconv.c debido a que el filtro de transmisione... • https://github.com/dsfau/CVE-2018-10546 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.1EPSS: 2%CPEs: 13EXPL: 0CVE-2018-10547 – php: Reflected XSS vulnerability on PHAR 403 and 404 error pages
https://notcve.org/view.php?id=CVE-2018-10547
29 Apr 2018 — An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. Se ha descubierto un problema en ext/phar/phar_object.c en PHP en versiones anteriores a la 5.6.36, versiones 7.0.x anteriores a la 7.0.30, versiones 7.1.x anteriores a la 7.1.17 y versio... • http://php.net/ChangeLog-5.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 17%CPEs: 11EXPL: 2CVE-2018-7584 – PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow
https://notcve.org/view.php?id=CVE-2018-7584
01 Mar 2018 — In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. En PHP hasta la versión 5.6.33, versiones 7.0.x anteriores a la 7.0.28, versiones 7.1.x hasta la 7.1.14 y versiones 7.2.x hasta la 7.2.2, hay una sublectura de búfer basada en pila al analizar una respuesta HTTP en... • https://packetstorm.news/files/id/148068 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 4CVE-2015-9253 – Ubuntu Security Notice USN-5300-1
https://notcve.org/view.php?id=CVE-2015-9253
19 Feb 2018 — An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility. Se ha descubierto un problema en PHP en... • https://bugs.php.net/bug.php?id=70185 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2016-10712 – Ubuntu Security Notice USN-3566-2
https://notcve.org/view.php?id=CVE-2016-10712
09 Feb 2018 — In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker. En PHP, en versiones anteriores a la 5.5.32, versiones 5.6.x anteriores a la 5.6.18 y versiones 7.x anteriores a la 7.0.3, to... • https://bugs.php.net/bug.php?id=71323 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 2CVE-2018-5711 – gd: Infinite loop in gdImageCreateFromGifCtx() in gd_gif_in.c
https://notcve.org/view.php?id=CVE-2018-5711
16 Jan 2018 — gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. gd_gif_in.c en GD Graphics Library (también conocida como libgd), tal y como se emplea en PHP en versiones anteriores a la 5.6.33... • https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711 • CWE-681: Incorrect Conversion between Numeric Types CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.1EPSS: 20%CPEs: 9EXPL: 0CVE-2018-5712 – php: Reflected XSS on PHAR 404 page
https://notcve.org/view.php?id=CVE-2018-5712
16 Jan 2018 — An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.33, versiones 7.0.x anteriores a la 7.0.27, versiones 7.1.x anteriores a la 7.1.13 y versiones 7.2.x anteriores a la 7.2.1. Hay XSS reflejado en la página de error PHAR 404 mediante el URI de una petición de un archivo .phar. It was disc... • http://php.net/ChangeLog-5.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2017-16642 – PHP 7.1.8 - Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-16642
07 Nov 2017 — In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145. En PHP, en versiones anteriores a la 5.6.32, versiones 7.x anteriores a la 7.0.25 y versiones 7.1.x an... • https://www.exploit-db.com/exploits/43133 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12868
https://notcve.org/view.php?id=CVE-2017-12868
01 Sep 2017 — The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation. El método secureCompare en lib/SimpleSAML/Utils/Crypto.php en SimpleSAMLphp 1.14.13 y anteriores, al usarse con PHP en versiones anteriores a la 5.6, permite que los atacantes lleven a cabo ataques de fijación de sesión o que, ... • https://github.com/simplesamlphp/simplesamlphp/commit/4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e • CWE-384: Session Fixation •
CVSS: 9.8EPSS: 1%CPEs: 29EXPL: 0CVE-2017-12933 – php: buffer over-read in finish_nested_data function
https://notcve.org/view.php?id=CVE-2017-12933
18 Aug 2017 — The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. La función finish_nested_data en ext/standard/var_unserializer.re en PHP en versiones anteriores a la 5.6.31, versiones 7.0.x anteriores a la 7.0.21 y versiones 7.1.x anteriores a la 7.1.7 es propenso a sufrir un buffer over-rea... • http://php.net/ChangeLog-5.php • CWE-125: Out-of-bounds Read •