Max CVSS 7.5 Min CVSS 5.0 Total Count10
IDCVSSSummaryLast (major) updatePublished
CVE-2016-7134 7.5
ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7132 5.0
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7131 5.0
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7130 5.0
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an inv
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7129 7.5
The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, a
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7128 5.0
The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memor
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7127 7.5
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impa
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7126 7.5
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-boun
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7125 5.0
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as dem
28-11-2016 - 15:37 11-09-2016 - 21:59
CVE-2016-7124 7.5
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads
28-11-2016 - 15:37 11-09-2016 - 21:59
Back to Top Mark selected
Back to Top