1193 matches found
PHP 7.0.x < 7.0.21 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.21. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists in the PCRE library in the compile_bracket_matchingpath function within file pcre_jit_compile.c. An...
PHP 7.0.x < 7.0.15 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists due to a use-after-free error in the unserialize function that is triggered when usin...
PHP 5.6.x < 5.6.24 Multiple Vulnerabilities (httpoxy)
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.24. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle vulnerability exists, known as 'httpoxy', due to a failure to properly resolve namespace conflicts in accordance wi...
UBUNTU-CVE-2018-12407
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox 64...
[SECURITY] Fedora 29 Update: cairo-1.16.0-3.fc29
Cairo is a 2D graphics library designed to provide high-quality display and print output. Currently supported output targets include the X Window System, in-memory image buffers, and image files (PDF, PostScript, and SVG). Cairo is designed to produce consistent output on all output media while...
CVE-2018-17334
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated...
EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)
According to the version of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7...
[SECURITY] Fedora 27 Update: gd-2.2.5-6.fc27
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
[SECURITY] Fedora 27 Update: ghostscript-9.22-5.fc27
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many...
[SECURITY] Fedora 28 Update: gd-2.2.5-6.fc28
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
USN-3755-1: GD vulnerabilities
It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-1000222 It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-571...
Mozilla Firefox ESR < 52.4 Multiple Vulnerabilities
DEBIAN-CVE-2018-1000222
Libgd version 2.2.5 contains a double free vulnerability in the gdImageBmpPtr function that can result in remote code execution. This attack appears to be exploitable via a specially crafted JPEG image that can trigger a double free. This vulnerability appears to have been fixed in after commit...
chromium-browser: Heap buffer overflow in WebGL
Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in php
Summary: IBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerabilities in php. Vulnerability Details: CVEID: CVE-2018-7584 DESCRIPTION: PHP is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the php_stream_url_wrap_http_ex function in...
Google Chrome heap buffer overflow vulnerability (CNVD-2018-17041)
Google Chrome is a web browser developed by the American company Google. A heap buffer overflow vulnerability exists in WebGL in Google Chrome. An attacker can exploit the vulnerability to execute arbitrary code in the browser context...
CVE-2017-7845
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects...
DEBIAN-CVE-2017-7824
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR...
CVE-2017-7824
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR...