Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-4698 | 4.6 |
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applicatio
|
19-01-2023 - 16:35 | 10-07-2014 - 11:06 | |
CVE-2014-3538 | 5.0 |
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. N
|
19-01-2023 - 16:34 | 03-07-2014 - 14:55 | |
CVE-2014-2497 | 4.3 |
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
|
28-09-2022 - 20:39 | 21-03-2014 - 14:55 | |
CVE-2014-3587 | 4.3 |
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a craf
|
05-01-2018 - 02:29 | 23-08-2014 - 01:55 | |
CVE-2014-3597 | 6.8 |
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS re
|
07-01-2017 - 03:00 | 23-08-2014 - 01:55 | |
CVE-2014-4670 | 4.6 |
Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications i
|
07-01-2017 - 03:00 | 10-07-2014 - 11:06 | |
CVE-2014-3478 | 5.0 |
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal
|
28-11-2016 - 19:11 | 09-07-2014 - 11:07 | |
CVE-2014-5120 | 6.4 |
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1)
|
26-10-2016 - 02:00 | 23-08-2014 - 01:55 |