CVE search results

171 – 180 of 635 results

Detailed view

Sort by:

CVE-2016-7132

Medium priority

Fixed

ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7131

Medium priority

Fixed

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7130

Medium priority

Fixed

The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7129

Medium priority

Fixed

The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7128

Low priority

Fixed

The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7127

Medium priority

Fixed

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libgd2	—	—	—	—	Not affected
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7125

Low priority

Fixed

ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-7124

Low priority

Fixed

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Fixed

CVE-2016-5770

Medium priority

Ignored

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Not affected

CVE-2016-5767

Medium priority

Not affected

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libgd2	—	—	—	—	Not affected
php5	—	—	—	—	Not in release
php7.0	—	—	—	—	Not affected

Export to JSON

Results by page:

Search CVE reports