Lucene search

K

PHP Security Vulnerabilities

cve
cve

CVE-2016-5768

Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a...

9.8CVSS

8.2AI Score

0.105EPSS

2016-08-07 10:59 AM
158
4
cve
cve

CVE-2016-5767

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or...

8.8CVSS

8AI Score

0.04EPSS

2016-08-07 10:59 AM
226
4
cve
cve

CVE-2016-5766

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or...

8.8CVSS

8.2AI Score

0.242EPSS

2016-08-07 10:59 AM
317
4
cve
cve

CVE-2016-5116

gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long...

9.1CVSS

8.1AI Score

0.007EPSS

2016-08-07 10:59 AM
75
4
cve
cve

CVE-2016-5114

sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and buffer overflow) via a...

9.1CVSS

6.9AI Score

0.012EPSS

2016-08-07 10:59 AM
98
4
cve
cve

CVE-2016-5096

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second...

8.6CVSS

8.1AI Score

0.06EPSS

2016-08-07 10:59 AM
142
4
cve
cve

CVE-2016-5095

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a...

8.6CVSS

8.2AI Score

0.049EPSS

2016-08-07 10:59 AM
92
4
cve
cve

CVE-2016-5094

Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars...

8.6CVSS

8AI Score

0.049EPSS

2016-08-07 10:59 AM
140
cve
cve

CVE-2016-5093

The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified...

8.6CVSS

7.7AI Score

0.024EPSS

2016-08-07 10:59 AM
154
4
cve
cve

CVE-2016-3132

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted...

9.8CVSS

9.5AI Score

0.048EPSS

2016-08-07 10:59 AM
26
cve
cve

CVE-2016-3078

Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the...

9.8CVSS

9.8AI Score

0.344EPSS

2016-08-07 10:59 AM
85
4
cve
cve

CVE-2015-8935

The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by...

6.1CVSS

6.9AI Score

0.003EPSS

2016-08-07 10:59 AM
54
cve
cve

CVE-2013-7456

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is...

7.6CVSS

7.2AI Score

0.026EPSS

2016-08-07 10:59 AM
101
cve
cve

CVE-2016-6174

applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class...

8.1CVSS

8.3AI Score

0.222EPSS

2016-07-12 07:59 PM
54
4
cve
cve

CVE-2016-4346

Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer...

9.8CVSS

9.9AI Score

0.007EPSS

2016-05-22 01:59 AM
67
4
cve
cve

CVE-2016-4345

Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer...

9.8CVSS

10AI Score

0.005EPSS

2016-05-22 01:59 AM
98
4
cve
cve

CVE-2016-4344

Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer...

9.8CVSS

10AI Score

0.005EPSS

2016-05-22 01:59 AM
60
4
cve
cve

CVE-2016-4343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR...

8.8CVSS

7AI Score

0.291EPSS

2016-05-22 01:59 AM
102
4
cve
cve

CVE-2016-4342

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR....

8.8CVSS

7.4AI Score

0.033EPSS

2016-05-22 01:59 AM
119
cve
cve

CVE-2015-8879

The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a...

7.5CVSS

7AI Score

0.008EPSS

2016-05-22 01:59 AM
107
4
cve
cve

CVE-2015-8877

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as...

7.5CVSS

6.4AI Score

0.06EPSS

2016-05-22 01:59 AM
50
cve
cve

CVE-2015-8876

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted...

9.8CVSS

7AI Score

0.035EPSS

2016-05-22 01:59 AM
177
cve
cve

CVE-2014-9767

Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP...

4.3CVSS

6.9AI Score

0.013EPSS

2016-05-22 01:59 AM
209
cve
cve

CVE-2016-2554

Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR...

9.8CVSS

8AI Score

0.084EPSS

2016-05-16 10:59 AM
302
cve
cve

CVE-2015-8874

Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder...

7.5CVSS

6.4AI Score

0.035EPSS

2016-05-16 10:59 AM
142
cve
cve

CVE-2015-8835

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly...

9.8CVSS

8.1AI Score

0.103EPSS

2016-05-16 10:59 AM
146
cve
cve

CVE-2015-4603

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion"...

9.8CVSS

8AI Score

0.121EPSS

2016-05-16 10:59 AM
254
cve
cve

CVE-2015-4598

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont...

6.5CVSS

7.5AI Score

0.007EPSS

2016-05-16 10:59 AM
101
cve
cve

CVE-2015-3152

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM"...

5.9CVSS

5.6AI Score

0.002EPSS

2016-05-16 10:59 AM
91
2
cve
cve

CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer...

9.8CVSS

8.1AI Score

0.487EPSS

2016-04-26 02:59 PM
139
2
cve
cve

CVE-2016-3171

Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data...

8.1CVSS

8.3AI Score

0.043EPSS

2016-04-12 03:59 PM
56
cve
cve

CVE-2016-3167

Open redirect vulnerability in the drupal_goto function in Drupal 6.x before 6.38, when used with PHP before 5.4.7, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a double-encoded URL in the "destination"...

7.4CVSS

7.3AI Score

0.003EPSS

2016-04-12 03:59 PM
26
cve
cve

CVE-2016-1904

Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer...

7.3CVSS

7.8AI Score

0.01EPSS

2016-01-19 05:59 AM
34
cve
cve

CVE-2016-1903

The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument...

9.1CVSS

6.7AI Score

0.089EPSS

2016-01-19 05:59 AM
90
4
cve
cve

CVE-2015-8617

Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error...

9.8CVSS

8.7AI Score

0.176EPSS

2016-01-19 05:59 AM
35
cve
cve

CVE-2015-8616

Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships between a key...

8.6CVSS

8.2AI Score

0.003EPSS

2016-01-19 05:59 AM
29
cve
cve

CVE-2016-1283

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'){97)?J)?J)(?'R'(?'R'){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a...

9.8CVSS

9.6AI Score

0.016EPSS

2016-01-03 12:59 AM
121
5
cve
cve

CVE-2015-7782

Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22 allows remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

5.9AI Score

0.001EPSS

2015-12-30 05:59 AM
25
cve
cve

CVE-2015-7783

Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

5.9AI Score

0.002EPSS

2015-12-27 07:59 PM
19
cve
cve

CVE-2015-7774

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor...

7.6AI Score

0.003EPSS

2015-11-14 03:59 AM
19
cve
cve

CVE-2015-2989

Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle...

5.9AI Score

0.001EPSS

2015-09-07 02:59 PM
22
cve
cve

CVE-2014-2570

Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name...

5.8AI Score

0.003EPSS

2015-08-31 06:59 PM
23
cve
cve

CVE-2015-2983

Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the authentication of arbitrary...

7.5AI Score

0.002EPSS

2015-08-22 09:59 PM
19
cve
cve

CVE-2015-2982

Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified input to...

5.5AI Score

0.002EPSS

2015-08-22 09:59 PM
20
cve
cve

CVE-2015-2974

LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image...

6.8AI Score

0.003EPSS

2015-07-29 01:59 AM
23
cve
cve

CVE-2015-2970

index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis...

7.1AI Score

0.004EPSS

2015-07-10 03:59 PM
21
cve
cve

CVE-2015-2969

Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis...

5.9AI Score

0.002EPSS

2015-07-10 03:59 PM
25
cve
cve

CVE-2015-4148

The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a...

6.9AI Score

0.031EPSS

2015-06-09 06:59 PM
83
cve
cve

CVE-2015-4147

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related.....

7.9AI Score

0.133EPSS

2015-06-09 06:59 PM
111
cve
cve

CVE-2015-4026

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first...

8.2AI Score

0.04EPSS

2015-06-09 06:59 PM
127
Total number of security vulnerabilities1262