| CVE-2016-9934 |
Medium |
Yes |
Denial of service |
It has been discovered that ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer... |
| CVE-2016-9933 |
Medium |
Yes |
Denial of service |
Stack consumption vulnerability has been discovered in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used... |
| CVE-2016-9138 |
High |
Yes |
Arbitrary code execution |
PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing while unserializing, which allows remote attackers to... |
| CVE-2016-8670 |
High |
Yes |
Arbitrary code execution |
A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf() was incorrectly handled, leading in some circumstances to an out of... |
| CVE-2016-7568 |
High |
Yes |
Arbitrary code execution |
An integer overflow flaw, leading to a heap-based buffer overflow, was found in gd. A specially crafted image, when converted to webp, could cause the... |
| CVE-2016-7478 |
Medium |
Yes |
Denial of service |
Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a... |
| CVE-2016-6911 |
Medium |
Yes |
Denial of service |
A vulnerability was found in gd as used in php. The function dynamicGetbuf() failed to check for out of bounds reads. An attacker could create a crafted... |