
485 matches found

Tenable Nessus
added 2024/05/11 12:0 a.m. | 30 views

RHEL 5 : gd,_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gd, php: Stack based buffer overflow in dynamicGetbuf CVE-2016-8670 - The dynamicGetbuf function in the G...

AI score 8.2 | EPSS 0.04786
Exploits: 0 | References: 2
Tenable Nessus
added 2024/04/18 12:0 a.m. | 22 views

Debian dla-3781 : libgd-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3781 advisory. - Debian LTS Advisory DLA-3781-1 [email protected]...

CVSS 7.5 | AI score 6.4 | EPSS 0.03407
Exploits: 1 | References: 8
IBM Security Bulletins
added 2023/12/07 10:45 p.m. | 53 views

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2019-6978, CVE-2019-6977)

Summary The following vulnerabilities in PHP have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2019-6978 DESCRIPTION: The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c...

CVSS 9.8 | AI score 0.7 | EPSS 0.65116
Exploits: 7 | Affected Software: 1
Tenable Nessus
added 2023/11/07 12:0 a.m. | 45 views

Rocky Linux 8 : gd (RLSA-2020:4659)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4659 advisory. - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific functio...

CVSS 9.8 | AI score 7.5 | EPSS 0.65116
Exploits: 7 | References: 7
Tenable Nessus
added 2023/10/21 12:0 a.m. | 35 views

Ubuntu 16.04 LTS / 18.04 LTS : GD Graphics Library vulnerabilities (USN-4316-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4316-1 advisory. It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphi...

CVSS 7.5 | AI score 5.8 | EPSS 0.04332
Exploits: 1 | References: 3
Photon
added 2023/07/27 12:0 a.m. | 28 views

Moderate Photon OS Security Update - PHSA-2023-4.0-0438

Updates of 'libgd' packages of Photon OS have been released...

CVSS 6.5 | AI score 7.3 | EPSS 0.01659
Exploits: 0
Photon
added 2023/07/13 12:0 a.m. | 36 views

Moderate Photon OS Security Update - PHSA-2023-3.0-0612

Updates of 'libgd' packages of Photon OS have been released...

AI score 7.3
Exploits: 0
Tenable Nessus
added 2023/04/06 12:0 a.m. | 33 views

Amazon Linux AMI : gd (ALAS-2023-1721)

The version of gd installed on the remote host is prior to 2.0.35-11.11. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1721 advisory. DISPUTED gdImageGd2Ptr in gdgd2.c in the GD Graphics Library aka LibGD through 2.3.2 has a double free. NOTE: the vendor's position ...

CVSS 7.5 | AI score 6.4 | EPSS 0.02051
Exploits: 1 | References: 4
F5 Networks
added 2023/02/21 7:55 p.m. | 42 views

K21336065: GD Graphics Library vulnerability CVE-2016-8670

Security Advisory Description Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly hav...

CVSS 9.8 | AI score 9.6 | EPSS 0.04786
Exploits: 0
F5 Networks
added 2023/02/21 7:0 p.m. | 46 views

K71581599: libgd vulnerability CVE-2016-6161

Security Advisory Description The output function in gdgifout.c in the GD Graphics Library aka libgd allows remote attackers to cause a denial of service out-of-bounds read via a crafted image. CVE-2016-6161 Impact When using PHP to generate GIF images, it is possible for a specially crafted GD2...

CVSS 6.5 | AI score 6.8 | EPSS 0.02772
Exploits: 0 | Affected Software: 1
F5 Networks
added 2023/02/21 6:59 p.m. | 29 views

K43267483: PHP vulnerability CVE-2016-5766

Security Advisory Description Integer overflow in the gd2GetHeader function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service heap-based buffer overflow and...

CVSS 8.8 | AI score 8.7 | EPSS 0.07495
Exploits: 1 | Affected Software: 22
F5 Networks
added 2023/02/21 6:52 p.m. | 51 views

K43223005: PHP vulnerability CVE-2018-5711

Security Advisory Description gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the...

CVSS 5.5 | AI score 6.4 | EPSS 0.13204
Exploits: 1
F5 Networks
added 2023/02/21 6:48 p.m. | 34 views

K38016814: PHP and libgd vulnerabilities CVE-2016-5116, CVE-2016-6128, CVE-2016-6132, and CVE-2016-6214

Security Advisory Description CVE-2016-5116 gdxbm.c in the GD Graphics Library aka libgd before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service stack-based buffer...

CVSS 9.1 | AI score 7.2 | EPSS 0.06805
Exploits: 0
F5 Networks
added 2023/02/21 6:34 p.m. | 30 views

K31542650: PHP and libGD vulnerability CVE-2016-7568

Security Advisory Description Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact vi...

CVSS 9.8 | AI score 10 | EPSS 0.05101
Exploits: 0
F5 Networks
added 2023/02/21 6:33 p.m. | 37 views

K23731034: PHP & libGD vulnerability CVE-2016-10167

Security Advisory Description The gdImageCreateFromGd2Ctx function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted image file. CVE-2016-10167 Impact There is no impact; F5 products are not affected b...

CVSS 5.5 | AI score 6.4 | EPSS 0.03736
Exploits: 0
F5 Networks
added 2023/02/21 6:33 p.m. | 104 views

K01709026: PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226

Security Advisory Description CVE-2017-7890 The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized...

CVSS 9.8 | AI score 7 | EPSS 0.07511
Exploits: 1
SUSE CVE
added 2023/02/15 6:12 a.m. | 4 views

SUSE CVE-2007-2756

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service CPU consumption via a crafted PNG image with truncated data, which causes an infinite loop in the pngreadinfo function in libpng...

CVSS 4.3 | AI score 6.2 | EPSS 0.04267
Exploits: 0 | References: 6
SUSE CVE
added 2023/02/15 6:11 a.m. | 4 views

SUSE CVE-2007-3474

Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library libgd before 2.0.35 have unspecified impact and user-assisted remote attack vectors...

CVSS 2.6 | AI score 7.4 | EPSS 0.02538
Exploits: 0 | References: 3
SUSE CVE
added 2023/02/15 6:11 a.m. | 7 views

SUSE CVE-2007-3996

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...

CVSS 6.8 | AI score 8.1 | EPSS 0.04219
Exploits: 1 | References: 4
SUSE CVE
added 2023/02/15 5:10 a.m. | 5 views

SUSE CVE-2015-8877

The gdImageScaleTwoPass function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service memory consumption via a crafted call, as demonstrated ...

CVSS 7.5 | AI score 8.9 | EPSS 0.03647
Exploits: 1 | References: 5