CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 1CVE-2016-9137 – Ubuntu Security Notice USN-3196-1
https://notcve.org/view.php?id=CVE-2016-9137
04 Jan 2017 — Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing. Vulnerabilidad de uso después de liberación de memoria en la implementación de CURLFile en ext/curl/curl_file.c en PHP en versiones anteriores a 5.6.27 y 7.x en versiones anteriores a 7.0.12 permite a atacantes remo... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-9138
https://notcve.org/view.php?id=CVE-2016-9138
04 Jan 2017 — PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. PHP hasta la versión 5.6.27 y 7.x hasta la versión 7.0.12 no maneja adecuadamente la modificación de propiedades durante el procesamiento de __wakeup, lo que permite a atacantes remotos provocar una denegación... • http://www.openwall.com/lists/oss-security/2016/11/01/2 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 8%CPEs: 14EXPL: 0CVE-2016-9933 – gd: Stack overflow in gdImageFillToBorder on truecolor images
https://notcve.org/view.php?id=CVE-2016-9933
13 Dec 2016 — Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. Vulnerabilidad de consumo de pila en la función gdImageFillToBorder en gd.c en la GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.2, como s... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 10%CPEs: 14EXPL: 0CVE-2016-9934 – php: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
https://notcve.org/view.php?id=CVE-2016-9934
13 Dec 2016 — ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string. ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través datos serializados manipulados en un documento wddxPacket XML, como se demuestra po... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 0CVE-2016-9935 – php: Invalid read when wddx decodes empty boolean element
https://notcve.org/view.php?id=CVE-2016-9935
13 Dec 2016 — The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document. La función php_wddx_push_element en ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.29 y 7.x en versiones anteriores a 7.0.14 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 21%CPEs: 34EXPL: 1CVE-2016-4473 – php: Invalid free() instead of efree() in phar_extract_file()
https://notcve.org/view.php?id=CVE-2016-4473
15 Nov 2016 — /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833. /ext/phar/phar_object.c en PHP 7.0.7 y 5.6.x permite a atacantes remotos ejecutar código arbitrario. NOTA: completa la información del CVE-2015-6833. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. • http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2016-8670 – Apple Security Advisory 2017-01-23-2
https://notcve.org/view.php?id=CVE-2016-8670
01 Nov 2016 — Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call. Error de firma de enteros en la función dynamicGetbuf en gd_io_dp.c en la librería de gráficos GD (también conocido como libgd) hasta la versión 2.2.3 como se utiliza en ... • http://www.debian.org/security/2016/dsa-3693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7568 – Gentoo Linux Security Advisory 201612-09
https://notcve.org/view.php?id=CVE-2016-7568
28 Sep 2016 — Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls. Desbordamiento de entero en la función gdImageWebpCtx en gd_webp.c en la GD Graphics Library (también conocido como libgd) hasta la versión 2.2.3, tal como se utiliza en PHP hasta la versión 7.0.1... • http://www.debian.org/security/2016/dsa-3693 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2016-7411 – Apple Security Advisory 2016-12-13-1
https://notcve.org/view.php?id=CVE-2016-7411
17 Sep 2016 — ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object. ext/standard/var_unserializer.re en PHP en versiones anteriores a 5.6.26 no maneja correctamente los fallos de deserialización de objeto, lo que podría permitir a atacantes remotos provocar una denegación de servicio (cor... • http://www.openwall.com/lists/oss-security/2016/09/15/10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 3%CPEs: 12EXPL: 1CVE-2016-7412 – php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field
https://notcve.org/view.php?id=CVE-2016-7412
17 Sep 2016 — ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata. ext/mysqlnd/mysqlnd_wireprotocol.c en PHP en versiones anteriores a 5.6.26 y 7.x en versiones anteriores a 7.0.11 no verifica que un campo BIT tenga el indicador UNSIGNED_FLAG, lo que podría permitir a servidore... • http://www.openwall.com/lists/oss-security/2016/09/15/10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •