CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-9138
https://notcve.org/view.php?id=CVE-2016-9138
04 Jan 2017 — PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. PHP hasta la versión 5.6.27 y 7.x hasta la versión 7.0.12 no maneja adecuadamente la modificación de propiedades durante el procesamiento de __wakeup, lo que permite a atacantes remotos provocar una denegación... • http://www.openwall.com/lists/oss-security/2016/11/01/2 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2016-9936 – php: Use After Free in unserialize()
https://notcve.org/view.php?id=CVE-2016-9936
04 Jan 2017 — The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834. La implementación no serializada en ext/standard/var.c en PHP 7.x en versiones anteriores a 7.0.14 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación) o posiblemente tener o... • http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 8%CPEs: 14EXPL: 0CVE-2016-9933 – gd: Stack overflow in gdImageFillToBorder on truecolor images
https://notcve.org/view.php?id=CVE-2016-9933
13 Dec 2016 — Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. Vulnerabilidad de consumo de pila en la función gdImageFillToBorder en gd.c en la GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.2, como s... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00133.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 10%CPEs: 14EXPL: 0CVE-2016-9934 – php: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
https://notcve.org/view.php?id=CVE-2016-9934
13 Dec 2016 — ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string. ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través datos serializados manipulados en un documento wddxPacket XML, como se demuestra po... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 0CVE-2016-9935 – php: Invalid read when wddx decodes empty boolean element
https://notcve.org/view.php?id=CVE-2016-9935
13 Dec 2016 — The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document. La función php_wddx_push_element en ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.29 y 7.x en versiones anteriores a 7.0.14 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 21%CPEs: 34EXPL: 1CVE-2016-4473 – php: Invalid free() instead of efree() in phar_extract_file()
https://notcve.org/view.php?id=CVE-2016-4473
15 Nov 2016 — /ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833. /ext/phar/phar_object.c en PHP 7.0.7 y 5.6.x permite a atacantes remotos ejecutar código arbitrario. NOTA: completa la información del CVE-2015-6833. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. • http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2016-8670 – Apple Security Advisory 2017-01-23-2
https://notcve.org/view.php?id=CVE-2016-8670
01 Nov 2016 — Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call. Error de firma de enteros en la función dynamicGetbuf en gd_io_dp.c en la librería de gráficos GD (también conocido como libgd) hasta la versión 2.2.3 como se utiliza en ... • http://www.debian.org/security/2016/dsa-3693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-7568 – Gentoo Linux Security Advisory 201612-09
https://notcve.org/view.php?id=CVE-2016-7568
28 Sep 2016 — Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls. Desbordamiento de entero en la función gdImageWebpCtx en gd_webp.c en la GD Graphics Library (también conocido como libgd) hasta la versión 2.2.3, tal como se utiliza en PHP hasta la versión 7.0.1... • http://www.debian.org/security/2016/dsa-3693 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 3%CPEs: 12EXPL: 1CVE-2016-7412 – php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field
https://notcve.org/view.php?id=CVE-2016-7412
17 Sep 2016 — ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata. ext/mysqlnd/mysqlnd_wireprotocol.c en PHP en versiones anteriores a 5.6.26 y 7.x en versiones anteriores a 7.0.11 no verifica que un campo BIT tenga el indicador UNSIGNED_FLAG, lo que podría permitir a servidore... • http://www.openwall.com/lists/oss-security/2016/09/15/10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 1CVE-2016-7413 – php: Use after free in wddx_deserialize
https://notcve.org/view.php?id=CVE-2016-7413
17 Sep 2016 — Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call. Vulnerabilidad de uso después de liberación de memoria en la función wddx_stack_destroy en ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.26 y 7.x en v... • http://www.openwall.com/lists/oss-security/2016/09/15/10 • CWE-416: Use After Free •