Filtered by vendor Php
Subscriptions
Filtered by product Php
Subscriptions
Total
710 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-7134 | 1 Php | 1 Php | 2024-11-21 | N/A |
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call. | ||||
CVE-2016-7133 | 1 Php | 1 Php | 2024-11-21 | N/A |
Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname. | ||||
CVE-2016-7132 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | 7.5 High |
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing. | ||||
CVE-2016-7131 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | 7.5 High |
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. | ||||
CVE-2016-7130 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. | ||||
CVE-2016-7129 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document. | ||||
CVE-2016-7128 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. | ||||
CVE-2016-7127 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments. | ||||
CVE-2016-7126 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | 9.8 Critical |
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument. | ||||
CVE-2016-7125 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. | ||||
CVE-2016-7124 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call. | ||||
CVE-2016-6297 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL. | ||||
CVE-2016-6296 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. | ||||
CVE-2016-6295 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773. | ||||
CVE-2016-6294 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument. | ||||
CVE-2016-6292 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image. | ||||
CVE-2016-6291 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image. | ||||
CVE-2016-6290 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization. | ||||
CVE-2016-6289 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive. | ||||
CVE-2016-6288 | 2 Php, Redhat | 2 Php, Rhel Software Collections | 2024-11-21 | N/A |
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type. |