
73 matches found

OSV
added 2017/05/23 4:29 a.m. · 2 views

UBUNTU-CVE-2017-9191

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rlefread function in input-tga.c:252:15...

9.8 CVSS · 7.5 AI score · 0.01775 EPSS
Exploits 0 · References 3
Positive Technologies
added 2017/05/23 12:0 a.m. · 2 views

PT-2017-18773 · Autotrace +1

Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer overflow in the rlefread function, located in the input-tga.c file. This function is part of the AutoTrace library, specifically libautotrace.a. The overflow...

9.8 CVSS · 6.7 AI score · 0.02468 EPSS
Exploits 0 · References 62
Microsoft KB
added 2017/04/18 12:0 a.m. · 4 views

Update for Windows Server 2008 and Windows Vista (KB3217877)

Update for Windows Server 2008 and Windows Vista KB3217877 Issues that are fixed This update fixes the following issue: When you use the fread function to read data from a pipe in Windows Vista Service Pack 2, the runtime program may omit line feed LF characters between lines and cause corrupted...

6.6 AI score
Exploits 0
RedHat Linux
added 2016/11/15 11:40 a.m. · 3 views

php: Int/size_t confusion in SplFileObject::fread

A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...

9.8 CVSS · 7.8 AI score · 0.07337 EPSS
Exploits 1 · References 4
RedHat Linux
added 2016/11/15 11:40 a.m. · 4 views

php: Integer underflow causing arbitrary null write in fread/gzread

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...

8.6 CVSS · 7.4 AI score · 0.04397 EPSS
Exploits 1 · References 4
Cloud Foundry
added 2016/09/09 12:0 a.m. · 93 views

USN-3045-1 PHP vulnerabilities | Cloud Foundry

USN-3045-1 PHP vulnerabilities Medium Vendor PHP Versions Affected Cloud Foundry PHP buildpack versions prior to 4.3.18 Note: The PHP buildpack is patched from upstream PHP source Description It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker...

9.8 CVSS · 9.1 AI score · 0.50427 EPSS
Exploits 26
OpenVAS
added 2016/08/17 12:0 a.m. · 49 views

PHP < 5.5.36, 5.6.x < 5.6.22 Multiple Vulnerabilities (Aug 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

8.6 CVSS · 9.5 AI score · 0.0464 EPSS
Exploits 1 · References 4
CNVD
added 2016/08/10 12:0 a.m. · 1 views

PHP SPL Extended Integer Overflow Vulnerability

PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. SPL (Standard PHP Library) is a collection of interfaces and class extensions for solving typical problems. SPL (Standard PHP Library) is an extensio...

9.8 CVSS · 9.2 AI score · 0.07337 EPSS
Exploits 1 · References 1
NVD
added 2016/08/07 10:59 a.m. · 37 views

CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

9.8 CVSS · 9.4 AI score · 0.07337 EPSS
Exploits 1 · References 12
NVD
added 2016/08/07 10:59 a.m. · 36 views

CVE-2016-5096

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...

8.6 CVSS · 8.8 AI score · 0.04397 EPSS
Exploits 1 · References 8
Prion
added 2016/08/07 10:59 a.m. · 42 views

Integer overflow

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

7.5 CVSS · 9.2 AI score · 0.07337 EPSS
Exploits 2 · References 12 · Affected Software 4
Prion
added 2016/08/07 10:59 a.m. · 32 views

Integer overflow

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...

7.5 CVSS · 9.8 AI score · 0.04397 EPSS
Exploits 1 · References 8 · Affected Software 1
CVE
added 2016/08/07 10:0 a.m. · 313 views

CVE-2016-5770

CVE-2016-5770 involves an integer overflow in the SplFileObject::fread function (spl_directory.c) of the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23. The overflow can be triggered by a large integer argument, enabling remote denial of service or other unspecified impact. Root cause...

9.8 CVSS · 8.3 AI score · 0.07337 EPSS
Exploits 1 · References 12 · Affected Software 1
Cvelist
added 2016/08/07 10:0 a.m. · 39 views

CVE-2016-5096

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...

9.3 AI score · 0.04397 EPSS
Exploits 1 · References 8
Debian CVE
added 2016/08/07 10:0 a.m. · 59 views

CVE-2016-5770

Removed by vendor...

9.8 CVSS · 7.7 AI score · 0.07337 EPSS
Exploits 1
OSV
added 2016/08/02 3:44 p.m. · 2 views

USN-3045-1 php5, php7.0 vulnerabilities

It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-4116 ...

9.8 CVSS · 7.2 AI score · 0.50427 EPSS
Exploits 26 · References 26
RedhatCVE
added 2016/06/29 12:18 p.m. · 33 views

CVE-2016-5770

A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...

9.8 CVSS · 4.4 AI score · 0.07337 EPSS
Exploits 1 · References 1
OSV
added 2016/06/29 12:0 a.m. · 54 views

DLA-533-1 php5 - security update

Bulletin has no description...

9.8 CVSS · 7.9 AI score · 0.05487 EPSS
Exploits 2
Hacker One
added 2016/06/21 7:29 a.m. · 15 views

Internet Bug Bounty: Integer Overflow in SplFileObject::fread

https://bugs.php.net/bug.php?id=72262...

6.9 AI score
Exploits 0
UbuntuCve
added 2016/05/30 12:0 a.m. · 31 views

CVE-2016-5096

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...

8.6 CVSS · 7.2 AI score · 0.04397 EPSS
Exploits 1 · References 3