|
270171
|
9.1 |
CRITICAL
Network
|
libgd
opensuse
debian
|
libgd
leap
debian_linux
|
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5116
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270172
|
9.1 |
CRITICAL
Network
|
php
|
php
|
sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2016-5114
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270173
|
8.6 |
HIGH
Network
|
php
|
php
|
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impa…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5096
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270174
|
8.6 |
HIGH
Network
|
php
|
php
|
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5095
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270175
|
8.6 |
HIGH
Network
|
php
|
php
|
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecifie…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5094
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270176
|
8.6 |
HIGH
Network
|
php
|
php
|
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-5093
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270177
|
9.8 |
CRITICAL
Network
|
redhat
|
jboss_bpm_suite
jboss_enterprise_brms_platform
dashbuilder
|
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2016-4999
|
2024-11-21 11:53 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270178
|
5.5 |
MEDIUM
Local
|
apache
|
poi
|
The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity r…
|
CWE-611
XXE
|
CVE-2016-5000
|
2024-11-21 11:53 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270179
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to con…
|
CWE-254
7PK - Security Features
|
CVE-2016-5268
|
2024-11-21 11:53 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270180
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.
|
CWE-20
Improper Input Validation
|
CVE-2016-5267
|
2024-11-21 11:53 |
2016-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
