U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:php:php:7.0.8
There are 105 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2016-7412

ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.

Published: September 17, 2016; 5:59:03 PM -0400
V3.0: 8.1 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-7134

ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call.

Published: September 11, 2016; 9:59:12 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-7133

Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname.

Published: September 11, 2016; 9:59:11 PM -0400
V3.0: 8.1 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-7132

ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing.

Published: September 11, 2016; 9:59:10 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7131

ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character.

Published: September 11, 2016; 9:59:09 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7130

The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.

Published: September 11, 2016; 9:59:08 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7129

The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document.

Published: September 11, 2016; 9:59:07 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-7128

The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.

Published: September 11, 2016; 9:59:06 PM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2016-7127

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.

Published: September 11, 2016; 9:59:05 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-7126

The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.

Published: September 11, 2016; 9:59:04 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-7125

ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.

Published: September 11, 2016; 9:59:03 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7124

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.

Published: September 11, 2016; 9:59:02 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-6207

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.

Published: August 12, 2016; 11:59:03 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-6128

The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.

Published: August 07, 2016; 6:59:22 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-6297

Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.

Published: July 25, 2016; 10:59:11 AM -0400
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-6296

Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.

Published: July 25, 2016; 10:59:10 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-6295

ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.

Published: July 25, 2016; 10:59:08 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-6294

The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.

Published: July 25, 2016; 10:59:07 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-6292

The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.

Published: July 25, 2016; 10:59:05 AM -0400
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-6291

The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.

Published: July 25, 2016; 10:59:04 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH