CVE search results

211 – 220 of 656 results

Detailed view

Sort by:

CVE-2016-6207

Medium priority

Some fixes available 2 of 3

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption)...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5385

Medium priority

Some fixes available 3 of 4

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6214

Low priority

Some fixes available 2 of 3

gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6161

Low priority

Fixed

The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6132

Low priority

Some fixes available 2 of 3

The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6128

Medium priority

Fixed

The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5773

Low priority

Some fixes available 2 of 4

php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5772

Medium priority

Some fixes available 3 of 4

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5771

Low priority

Some fixes available 1 of 3

spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5769

Medium priority

Some fixes available 3 of 4

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash)...

2 affected packages

php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
php7.0	—	—	—	—

Export to JSON

Results by page:

Search CVE reports