Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-5385 | 5.1 |
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker
|
12-02-2023 - 23:23 | 19-07-2016 - 02:00 | |
CVE-2016-5770 | 7.5 |
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large inte
|
20-07-2022 - 16:54 | 07-08-2016 - 10:59 | |
CVE-2016-5771 | 7.5 |
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-a
|
20-07-2022 - 16:52 | 07-08-2016 - 10:59 | |
CVE-2016-5772 | 7.5 |
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execu
|
20-07-2022 - 16:49 | 07-08-2016 - 10:59 | |
CVE-2016-5766 | 6.8 |
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based
|
22-04-2019 - 17:48 | 07-08-2016 - 10:59 | |
CVE-2016-5768 | 7.5 |
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial o
|
05-01-2018 - 02:31 | 07-08-2016 - 10:59 | |
CVE-2016-5767 | 6.8 |
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based
|
05-01-2018 - 02:31 | 07-08-2016 - 10:59 | |
CVE-2015-8935 | 4.3 |
The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XS
|
05-01-2018 - 02:30 | 07-08-2016 - 10:59 | |
CVE-2016-5769 | 7.5 |
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have uns
|
28-11-2016 - 20:29 | 07-08-2016 - 10:59 |