|
266221
|
7.5 |
HIGH
Network
|
opensuse
golang
fedoraproject
|
leap
go
fedora
|
The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a …
|
CWE-20
Improper Input Validation
|
CVE-2016-3959
|
2024-11-21 11:51 |
2016-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266222
|
7.8 |
HIGH
Local
|
golang
|
go
|
Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3958
|
2024-11-21 11:51 |
2016-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266223
|
9.8 |
CRITICAL
Network
|
php
opensuse
|
php
leap
opensuse
|
Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string,…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4346
|
2024-11-21 11:51 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266224
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other i…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4345
|
2024-11-21 11:51 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266225
|
9.8 |
CRITICAL
Network
|
php
|
php
|
Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argumen…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-4344
|
2024-11-21 11:51 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266226
|
8.8 |
HIGH
Network
|
php
opensuse
|
php
opensuse
|
The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2016-4343
|
2024-11-21 11:51 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266227
|
8.8 |
HIGH
Network
|
opensuse
php
|
leap
php
|
ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4342
|
2024-11-21 11:51 |
2016-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266228
|
7.5 |
HIGH
Network
|
gnome
debian
opensuse
|
librsvg
debian_linux
leap
opensuse
|
The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an S…
|
CWE-20
Improper Input Validation
|
CVE-2016-4348
|
2024-11-21 11:51 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266229
|
9.8 |
CRITICAL
Network
|
php
apple
|
php
mac_os_x
|
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-4073
|
2024-11-21 11:51 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266230
|
9.8 |
CRITICAL
Network
|
php
apple
|
php
mac_os_x
|
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 chara…
|
CWE-20
Improper Input Validation
|
CVE-2016-4072
|
2024-11-21 11:51 |
2016-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
