CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 1CVE-2016-3959 – golang: infinite loop in several big integer routines
https://notcve.org/view.php?id=CVE-2016-3959
23 May 2016 — The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries. La función Verify en crypto/dsa/dsa.go en Go en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.1 no comprueba correctamente los parámetros pasados a la gran lib... • https://github.com/alexmullins/dsa • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.2EPSS: 0%CPEs: 21EXPL: 0CVE-2016-4482 – Ubuntu Security Notice USN-3016-4
https://notcve.org/view.php?id=CVE-2016-4482
23 May 2016 — The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. La función proc_connectinfo en drivers/usb/core/devio.c en el kernel de Linux hasta la versión 4.6 no inicializa una estructura de datos determinada, lo que permite a usuarios locales obtener información sensible del kernel de memoria de pila a tr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 30EXPL: 1CVE-2016-4537 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4537
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 acepta un entero negativo para el argumento escala, lo que permite a a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 2%CPEs: 30EXPL: 1CVE-2016-4538 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4538
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 2%CPEs: 30EXPL: 1CVE-2016-4539 – php: xml_parse_into_struct() can crash when XML parser is re-used
https://notcve.org/view.php?id=CVE-2016-4539
22 May 2016 — The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero. La función xml_parse_into_struct en ext/xml/xml.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 1CVE-2016-4540 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4540
22 May 2016 — The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_stripos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 1CVE-2016-4541 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4541
22 May 2016 — The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_strpos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de se... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 1CVE-2016-4542 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4542
22 May 2016 — The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_TAG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no construye adecuadamente argu... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 31EXPL: 1CVE-2016-4543 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4543
22 May 2016 — The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tamaños IFD, lo que permite a at... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 4%CPEs: 7EXPL: 1CVE-2016-4544 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4544
22 May 2016 — The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_TIFF_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida los datos de inicio TIFF... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •