|
268431
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6296
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268432
|
9.8 |
CRITICAL
Network
|
php
|
php
|
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause…
|
CWE-416
Use After Free
|
CVE-2016-6295
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268433
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguag…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-6294
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268434
|
9.8 |
CRITICAL
Network
|
icu-project
|
international_components_for_unicode
|
The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6293
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268435
|
6.5 |
MEDIUM
Network
|
php
|
php
|
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereferenc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-6292
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268436
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6291
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268437
|
9.8 |
CRITICAL
Network
|
php
|
php
|
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of serv…
|
CWE-416
Use After Free
|
CVE-2016-6290
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268438
|
7.8 |
HIGH
Local
|
php
|
php
|
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-6289
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268439
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6288
|
2024-11-21 11:55 |
2016-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268440
|
6.1 |
MEDIUM
Network
|
siemens
|
sinema_remote_connect_server
|
Cross-site scripting (XSS) vulnerability in the integrated web server in Siemens SINEMA Remote Connect Server before 1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted U…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6204
|
2024-11-21 11:55 |
2016-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
