15 matches found

F5 Networks
added 2023/02/21 6:53 p.m., 53 views

K95375529: PHP vulnerabilities CVE-2013-7456, CVE-2016-4343, and CVE-2016-5093

Security Advisory Description: CVE-2013-7456: gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impa...

8.8 CVSS | 9.1 AI score | 0.05487 EPSS
Exploits: 3

SUSE CVE
added 2023/02/15 5:3 a.m., 4 views

SUSE CVE-2016-4343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archi...

8.8 CVSS | 8.3 AI score | 0.0421 EPSS
Exploits: 1 | References: 3

FreeBSD
added 2016/05/26 12:0 a.m., 59 views

php -- multiple vulnerabilities

The PHP Group reports: Core: Fixed bug 72114 (Integer underflow / arbitrary null write in fread/gzread), CVE-2016-5096, PHP 5.5/5.6 only. Fixed bug 72135 (Integer Overflow in php_html_entities), CVE-2016-5094, PHP 5.5/5.6 only. GD: Fixed bug 72227 (imagescale out-of-bounds read), CVE-2013-7456. Intl: Fixed bu...

8.8 CVSS | 7.6 AI score | 0.05487 EPSS
Exploits: 4 | References: 3

NVD
added 2016/05/22 1:59 a.m., 30 views

CVE-2016-4343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archi...

8.8 CVSS | 9.3 AI score | 0.0421 EPSS
Exploits: 1 | References: 10

EUVD
added 2016/05/22 1:0 a.m., 1 views

EUVD-2016-5343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archi...

8.8 CVSS | 8.2 AI score | 0.0421 EPSS
Exploits: 1 | References: 14

Debian CVE
added 2016/05/22 1:0 a.m., 40 views

CVE-2016-4343

Removed by vendor...

8.8 CVSS | 8.7 AI score | 0.0421 EPSS
Exploits: 1

CNVD
added 2016/04/30 12:0 a.m., 0 views

PHP 'phar_make_dirstream()' function denial of service vulnerability

PHP is an open source general-purpose computer scripting language. A security vulnerability in PHP's 'phar_make_dirstream' function allows remote attackers to use the vulnerability to crash an application or execute arbitrary code...

8.8 CVSS | 8.8 AI score | 0.0421 EPSS
Exploits: 1 | References: 1

Tenable Nessus
added 2016/02/11 12:0 a.m., 125 views

PHP 7.0.x < 7.0.3 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.3. It is, therefore, affected by multiple vulnerabilities: - The Perl-Compatible Regular Expressions (PCRE) library is affected by multiple vulnerabilities related to the handling of regular...

10 CVSS | 8.9 AI score | 0.10997 EPSS
Exploits: 4 | References: 12

Hacker One
added 2016/01/11 4:12 a.m., 14 views

Internet Bug Bounty: Uninitialized pointer in phar_make_dirstream()

https://bugs.php.net/bug.php?id=71331...

6.9 AI score
Exploits: 0

Tenable Nessus
added 2015/10/22 12:0 a.m., 47 views

Amazon Linux AMI : php56 (ALAS-2015-601)

As reported upstream, a NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803) A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the...

9.8 CVSS | 8.1 AI score | 0.46801 EPSS
Exploits: 7 | References: 10

Amazon
added 2015/10/20 12:0 a.m., 80 views

Medium: php55

Issue Overview: As reported upstream (https://bugs.php.net/bug.php?id=69720), a NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. (CVE-2015-7803) A flaw was discovered in the way PHP performed object...

9.8 CVSS | 9.1 AI score | 0.46801 EPSS
Exploits: 7

Tenable Nessus
added 2015/10/06 12:0 a.m., 14 views

PHP 5.5.x < 5.5.30 / 5.6.x < 5.6.14 Multiple Vulnerabilities

Binary data 8956.prm...

6.8 CVSS | 7.3 AI score | 0.10288 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2015/10/06 12:0 a.m., 128 views

PHP 5.6.x < 5.6.14 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.14. It is, therefore, affected by multiple vulnerabilities: - A NULL pointer dereference flaw exists in the phar_get_fp_offset function in ext/phar/util.c that is triggered when pointing to a...

6.8 CVSS | 7.9 AI score | 0.10288 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2015/10/06 12:0 a.m., 107 views

PHP 5.5.x < 5.5.30 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.30. It is, therefore, affected by the following vulnerabilities: - A NULL pointer dereference flaw exists in the phar_get_fp_offset function in ext/phar/util.c that is triggered when pointing to a...

6.8 CVSS | 8.1 AI score | 0.10288 EPSS
Exploits: 0 | References: 3

Hacker One
added 2015/09/05 12:0 a.m., 104 views

Internet Bug Bounty: Uninitialized pointer in phar_make_dirstream

https://bugs.php.net/bug.php?id=70433...

6.8 CVSS | 8.3 AI score | 0.08799 EPSS
Exploits: 0