Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/156253?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/156253?format=api", "purl": "pkg:rpm/redhat/rh-php56-php@5.6.25-1?arch=el7", "type": "rpm", "namespace": "redhat", "name": "rh-php56-php", "version": "5.6.25-1", "qualifiers": { "arch": "el7" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113444?format=api", "vulnerability_id": "VCID-1tzr-b9sy-77gq", "summary": "php: Zend/zend_exceptions.c does not validate certain Exception objects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8876.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12237", "scoring_system": "epss", "scoring_elements": "0.93979", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8876" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338896", "reference_id": "1338896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8876" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1tzr-b9sy-77gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76121?format=api", "vulnerability_id": "VCID-2acw-93jf-vub1", "summary": "Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8874.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04079", "scoring_system": "epss", "scoring_elements": "0.88757", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8874" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336772", "reference_id": "1336772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336772" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824627", "reference_id": "824627", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8874" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2acw-93jf-vub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67909?format=api", "vulnerability_id": "VCID-2h75-z32z-audu", "summary": "The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77492", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323118", "reference_id": "1323118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377", "reference_id": "827377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377" }, { "reference_url": "https://security.gentoo.org/glsa/201701-42", "reference_id": "GLSA-201701-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8865" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2h75-z32z-audu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38291?format=api", "vulnerability_id": "VCID-2qwh-71ab-3qef", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in PCRE and PCRE2 allows remote attackers to execute arbitrary code via a crafted regular expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3210.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0573", "scoring_system": "epss", "scoring_elements": "0.90596", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623", "reference_id": "1287623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787433", "reference_id": "787433", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787433" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3210", "reference_id": "CVE-2015-3210", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3210" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2qwh-71ab-3qef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112733?format=api", "vulnerability_id": "VCID-2tc5-ce1t-5qb5", "summary": "php: Double free in _php_mb_regex_ereg_replace_exec", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20989", "scoring_system": "epss", "scoring_elements": "0.95749", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351168", "reference_id": "1351168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2598", "reference_id": "RHSA-2016:2598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5768" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2tc5-ce1t-5qb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97628?format=api", "vulnerability_id": "VCID-2vkd-7m31-zue9", "summary": "PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8383.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02335", "scoring_system": "epss", "scoring_elements": "0.85139", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8383" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287614", "reference_id": "1287614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287614" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8383" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vkd-7m31-zue9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112887?format=api", "vulnerability_id": "VCID-3c3g-pm2j-zycn", "summary": "php: xml_parse_into_struct() can crash when XML parser is re-used", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4539.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04506", "scoring_system": "epss", "scoring_elements": "0.89323", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4539" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332877", "reference_id": "1332877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4539" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3c3g-pm2j-zycn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112734?format=api", "vulnerability_id": "VCID-3sph-xeba-pqdh", "summary": "php: Int/size_t confusion in SplFileObject::fread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5770.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10051", "scoring_system": "epss", "scoring_elements": "0.93207", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351171", "reference_id": "1351171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5770" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3sph-xeba-pqdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6653?format=api", "vulnerability_id": "VCID-56aq-hzu2-b3af", "summary": "access restriction bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7125.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7125.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00546", "scoring_system": "epss", "scoring_elements": "0.6818", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374698", "reference_id": "1374698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374698" }, { "reference_url": "https://security.archlinux.org/AVG-152", "reference_id": "AVG-152", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7125" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56aq-hzu2-b3af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112662?format=api", "vulnerability_id": "VCID-5ja7-yuy5-fkh1", "summary": "php: Improper error handling in bzread()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13858", "scoring_system": "epss", "scoring_elements": "0.9443", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5399" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358395", "reference_id": "1358395", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358395" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/40155.py", "reference_id": "CVE-2016-5399", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/40155.py" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2598", "reference_id": "RHSA-2016:2598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5399" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ja7-yuy5-fkh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112891?format=api", "vulnerability_id": "VCID-63jy-g11b-r3h6", "summary": "php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4543.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05437", "scoring_system": "epss", "scoring_elements": "0.90334", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4543" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865", "reference_id": "1332865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4543" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-63jy-g11b-r3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112658?format=api", "vulnerability_id": "VCID-676x-nb3f-8qfj", "summary": "php: Null pointer dereference in exif_process_user_comment", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6292.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6292.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06201", "scoring_system": "epss", "scoring_elements": "0.91025", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6292" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359756", "reference_id": "1359756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6292" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-676x-nb3f-8qfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112831?format=api", "vulnerability_id": "VCID-6eu8-edph-zbbc", "summary": "php: improper nul termination leading to out-of-bounds read in get_icu_value_internal", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5093.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5093.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01534", "scoring_system": "epss", "scoring_elements": "0.81659", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5093" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339590", "reference_id": "1339590", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5093" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6eu8-edph-zbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112557?format=api", "vulnerability_id": "VCID-6msj-kkak-j3fw", "summary": "php: wddx_deserialize allows illegal memory access", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7129.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01858", "scoring_system": "epss", "scoring_elements": "0.83394", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7129" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374705", "reference_id": "1374705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7129" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6msj-kkak-j3fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112974?format=api", "vulnerability_id": "VCID-78j4-s6t7-8yhq", "summary": "php: mb_strcut() Negative size parameter in memcpy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4073.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11044", "scoring_system": "epss", "scoring_elements": "0.93582", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4073" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323103", "reference_id": "1323103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4073" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78j4-s6t7-8yhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97629?format=api", "vulnerability_id": "VCID-7cc1-8j9m-87gj", "summary": "PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8384.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.79186", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8384" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623", "reference_id": "1287623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287623" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8384" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7cc1-8j9m-87gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112889?format=api", "vulnerability_id": "VCID-7n5f-ungj-pufx", "summary": "php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4538.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06482", "scoring_system": "epss", "scoring_elements": "0.91256", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332860", "reference_id": "1332860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4538" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7n5f-ungj-pufx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112987?format=api", "vulnerability_id": "VCID-8f34-ubxg-47e4", "summary": "php: Integer overflow in php_raw_url_encode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4070.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4070.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06468", "scoring_system": "epss", "scoring_elements": "0.91244", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4070" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323114", "reference_id": "1323114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4070" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8f34-ubxg-47e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112559?format=api", "vulnerability_id": "VCID-8zrj-ns16-m3ce", "summary": "php: wddx_deserialize null dereference with invalid xml", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06375", "scoring_system": "epss", "scoring_elements": "0.91169", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374708", "reference_id": "1374708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7131" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zrj-ns16-m3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112738?format=api", "vulnerability_id": "VCID-9zm2-5tm6-uuay", "summary": "php: Use after free in SNMP with GC and unserialize()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6295.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6295.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05124", "scoring_system": "epss", "scoring_elements": "0.90019", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359815", "reference_id": "1359815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6295" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9zm2-5tm6-uuay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76126?format=api", "vulnerability_id": "VCID-agay-5tse-xqbw", "summary": "Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3074.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3074.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60488", "scoring_system": "epss", "scoring_elements": "0.98311", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1321893", "reference_id": "1321893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1321893" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822242", "reference_id": "822242", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822242" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/39736.txt", "reference_id": "CVE-2016-3074", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/39736.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201607-04", "reference_id": "GLSA-201607-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-3074" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agay-5tse-xqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112924?format=api", "vulnerability_id": "VCID-ahdb-x78g-kbe6", "summary": "php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4541.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01936", "scoring_system": "epss", "scoring_elements": "0.83737", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332872", "reference_id": "1332872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4541" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahdb-x78g-kbe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113043?format=api", "vulnerability_id": "VCID-ajpn-dv7n-jufa", "summary": "php: Use after free in WDDX Deserialize when processing XML data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3141.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3141.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.72278", "scoring_system": "epss", "scoring_elements": "0.98777", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315328", "reference_id": "1315328", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-3141" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajpn-dv7n-jufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113484?format=api", "vulnerability_id": "VCID-at87-v2zb-7fhy", "summary": "php: type confusion issue in Soap Client call() method", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8835.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04045", "scoring_system": "epss", "scoring_elements": "0.88714", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8835" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323074", "reference_id": "1323074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8835" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at87-v2zb-7fhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97630?format=api", "vulnerability_id": "VCID-by6c-cfvh-4uev", "summary": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8385.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05145", "scoring_system": "epss", "scoring_elements": "0.90041", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8385" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287629", "reference_id": "1287629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287629" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8385" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-by6c-cfvh-4uev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97633?format=api", "vulnerability_id": "VCID-c2g2-p2eq-mygx", "summary": "PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8388.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04176", "scoring_system": "epss", "scoring_elements": "0.88888", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8388" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223", "reference_id": "1237223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8388" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c2g2-p2eq-mygx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113088?format=api", "vulnerability_id": "VCID-can9-4jyb-s3eb", "summary": "php: Uninitialized pointer in phar_make_dirstream()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4343.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07576", "scoring_system": "epss", "scoring_elements": "0.91985", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4343" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332454", "reference_id": "1332454", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4343" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-can9-4jyb-s3eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113086?format=api", "vulnerability_id": "VCID-cjpc-z8pj-hba4", "summary": "php: use of uninitialized pointer in PharFileInfo::getContent", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4342.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4342.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05555", "scoring_system": "epss", "scoring_elements": "0.90436", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4342" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305536", "reference_id": "1305536", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4342" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjpc-z8pj-hba4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112871?format=api", "vulnerability_id": "VCID-cw2n-dvsp-3bgy", "summary": "php: Integer overflow in php_html_entities()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5094.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02407", "scoring_system": "epss", "scoring_elements": "0.85368", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5094" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340738", "reference_id": "1340738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5094" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cw2n-dvsp-3bgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113300?format=api", "vulnerability_id": "VCID-d83x-jm3c-auf7", "summary": "php: out-of-bounds write in fpm_log.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5114.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01016", "scoring_system": "epss", "scoring_elements": "0.77512", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5114" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297710", "reference_id": "1297710", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5114" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d83x-jm3c-auf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113459?format=api", "vulnerability_id": "VCID-dbjn-2deh-7ugh", "summary": "php: odbc_bindcols function mishandles driver behavior for SQL_WVARCHAR columns", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8879.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8879.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.82144", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8879" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338912", "reference_id": "1338912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8879" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dbjn-2deh-7ugh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112921?format=api", "vulnerability_id": "VCID-dy23-b2qk-3bex", "summary": "php: openssl_random_pseudo_bytes() is not cryptographically secure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13368", "scoring_system": "epss", "scoring_elements": "0.94315", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8867" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330420", "reference_id": "1330420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8867" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dy23-b2qk-3bex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112725?format=api", "vulnerability_id": "VCID-e2me-6b2t-vffx", "summary": "php: Stack-based buffer overflow vulnerability in php_stream_zip_opener", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6297.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6297.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06254", "scoring_system": "epss", "scoring_elements": "0.91068", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359828", "reference_id": "1359828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6297" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2me-6b2t-vffx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76129?format=api", "vulnerability_id": "VCID-eevm-m3bb-8qgu", "summary": "Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04623", "scoring_system": "epss", "scoring_elements": "0.89455", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351069", "reference_id": "1351069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2598", "reference_id": "RHSA-2016:2598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5767" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eevm-m3bb-8qgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112663?format=api", "vulnerability_id": "VCID-eu6b-up6e-z7gg", "summary": "php: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06548", "scoring_system": "epss", "scoring_elements": "0.91301", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6291" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359718", "reference_id": "1359718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359718" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6291" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eu6b-up6e-z7gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112884?format=api", "vulnerability_id": "VCID-fqrm-ga7u-t7cn", "summary": "php: Integer underflow causing arbitrary null write in fread/gzread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5096.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01601", "scoring_system": "epss", "scoring_elements": "0.82038", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339949", "reference_id": "1339949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5096" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqrm-ga7u-t7cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113071?format=api", "vulnerability_id": "VCID-fx1t-22mu-4bfd", "summary": "php: Out-of-bounds read in phar_parse_zipfile()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3142.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04302", "scoring_system": "epss", "scoring_elements": "0.89061", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3142" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315312", "reference_id": "1315312", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-3142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fx1t-22mu-4bfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112981?format=api", "vulnerability_id": "VCID-fycp-est3-1keh", "summary": "php: Invalid memory write in phar on filename containing \\0 inside name", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4072.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4072.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4072", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11136", "scoring_system": "epss", "scoring_elements": "0.93614", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4072" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323106", "reference_id": "1323106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4072" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fycp-est3-1keh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112736?format=api", "vulnerability_id": "VCID-g2ck-r15b-4qa2", "summary": "php: Double Free Corruption in wddx_deserialize", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15935", "scoring_system": "epss", "scoring_elements": "0.94882", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351175", "reference_id": "1351175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5772" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2ck-r15b-4qa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97625?format=api", "vulnerability_id": "VCID-g6q6-3k6s-vuey", "summary": "Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5073.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.68214", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5073" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223", "reference_id": "1237223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1237223" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790000", "reference_id": "790000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790000" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5073" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6q6-3k6s-vuey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112723?format=api", "vulnerability_id": "VCID-gm44-w424-2kgu", "summary": "php: Out-of-bounds access in locale_accept_from_http", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6294.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06163", "scoring_system": "epss", "scoring_elements": "0.90984", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6294" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359811", "reference_id": "1359811", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6294" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gm44-w424-2kgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112920?format=api", "vulnerability_id": "VCID-gx36-t6xj-gkau", "summary": "php: libxml_disable_entity_loader setting is shared between threads", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03531", "scoring_system": "epss", "scoring_elements": "0.87871", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8866" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330418", "reference_id": "1330418", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8866" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gx36-t6xj-gkau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112888?format=api", "vulnerability_id": "VCID-h2ee-c2nz-aqa1", "summary": "php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4537.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06482", "scoring_system": "epss", "scoring_elements": "0.91256", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332860", "reference_id": "1332860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4537" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ee-c2nz-aqa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112735?format=api", "vulnerability_id": "VCID-h5nv-ghdt-8bfr", "summary": "php: Use After Free Vulnerability in PHP's GC algorithm and unserialize", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5771.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09582", "scoring_system": "epss", "scoring_elements": "0.93018", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351173", "reference_id": "1351173", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5771" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5nv-ghdt-8bfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112556?format=api", "vulnerability_id": "VCID-he8d-8ahq-yub7", "summary": "php: Memory Leakage In exif_process_IFD_in_TIFF", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7128.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7128.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02186", "scoring_system": "epss", "scoring_elements": "0.84679", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7128" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374704", "reference_id": "1374704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7128" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-he8d-8ahq-yub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76122?format=api", "vulnerability_id": "VCID-hghm-njcu-audc", "summary": "The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8877.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02317", "scoring_system": "epss", "scoring_elements": "0.85081", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338907", "reference_id": "1338907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8877" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hghm-njcu-audc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76149?format=api", "vulnerability_id": "VCID-j1b9-hpxd-tqbv", "summary": "The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02726", "scoring_system": "epss", "scoring_elements": "0.86218", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7127" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374701", "reference_id": "1374701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7127" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1b9-hpxd-tqbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112745?format=api", "vulnerability_id": "VCID-j55n-2uc7-cqbu", "summary": "php: Invalid free() instead of efree() in phar_extract_file()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4473.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4473.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16817", "scoring_system": "epss", "scoring_elements": "0.95074", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347772", "reference_id": "1347772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j55n-2uc7-cqbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113379?format=api", "vulnerability_id": "VCID-jgcc-5ak2-mqd9", "summary": "php: Buffer over-read in php_url_parse_ex", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6288.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6288.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04325", "scoring_system": "epss", "scoring_elements": "0.89093", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6288" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360322", "reference_id": "1360322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6288" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgcc-5ak2-mqd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112892?format=api", "vulnerability_id": "VCID-jqx9-6dbx-m3bh", "summary": "php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4544.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04299", "scoring_system": "epss", "scoring_elements": "0.89056", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865", "reference_id": "1332865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4544" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqx9-6dbx-m3bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76130?format=api", "vulnerability_id": "VCID-jvzj-485k-4fcw", "summary": "The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6128.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6128.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12098", "scoring_system": "epss", "scoring_elements": "0.9393", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351603", "reference_id": "1351603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351603" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829062", "reference_id": "829062", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6128" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvzj-485k-4fcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113812?format=api", "vulnerability_id": "VCID-jw2h-aquc-bucz", "summary": "php: HTTP response splitting in header() function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78532", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8935" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348927", "reference_id": "1348927", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1066", "reference_id": "RHSA-2015:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8935" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw2h-aquc-bucz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76146?format=api", "vulnerability_id": "VCID-k84g-a51c-fugu", "summary": "The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04632", "scoring_system": "epss", "scoring_elements": "0.89464", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374699", "reference_id": "1374699", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7126" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k84g-a51c-fugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38292?format=api", "vulnerability_id": "VCID-kd3m-s417-qkbr", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nPCRE, and PCRE2 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75413", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3217" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228283", "reference_id": "1228283", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787641", "reference_id": "787641", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787641" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3217", "reference_id": "CVE-2015-3217", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3217" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kd3m-s417-qkbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97624?format=api", "vulnerability_id": "VCID-kpkt-vb2t-kuar", "summary": "PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2328.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2328.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2328", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02714", "scoring_system": "epss", "scoring_elements": "0.86198", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2328" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285399", "reference_id": "1285399", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-2328" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpkt-vb2t-kuar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76134?format=api", "vulnerability_id": "VCID-mjr6-8pyz-tbbc", "summary": "Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08719", "scoring_system": "epss", "scoring_elements": "0.92637", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359800", "reference_id": "1359800", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6207" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mjr6-8pyz-tbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97623?format=api", "vulnerability_id": "VCID-mrwr-pqss-6keq", "summary": "PCRE before 8.36 mishandles the /(((a\\2)|(a*)\\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2327.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02821", "scoring_system": "epss", "scoring_elements": "0.86426", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2327" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285408", "reference_id": "1285408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-2327" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrwr-pqss-6keq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112726?format=api", "vulnerability_id": "VCID-npzd-q347-2ygw", "summary": "php: Integer overflow leads to buffer overflow in virtual_file_ex", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6289.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6289.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02322", "scoring_system": "epss", "scoring_elements": "0.85097", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359698", "reference_id": "1359698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6289" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npzd-q347-2ygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97626?format=api", "vulnerability_id": "VCID-p1z2-yqe2-tqaf", "summary": "The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\\z(?|(?'R')(\\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ patterns, and related patterns with certain group references, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8381.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05803", "scoring_system": "epss", "scoring_elements": "0.90676", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8381" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711", "reference_id": "1287711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796762", "reference_id": "796762", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796762" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8381" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p1z2-yqe2-tqaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106606?format=api", "vulnerability_id": "VCID-p68m-zygn-e7c2", "summary": "Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6296.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13001", "scoring_system": "epss", "scoring_elements": "0.94212", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6296" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359822", "reference_id": "1359822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359822" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832959", "reference_id": "832959", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6296" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p68m-zygn-e7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97644?format=api", "vulnerability_id": "VCID-p6s9-fmbe-bbdu", "summary": "PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8395.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02405", "scoring_system": "epss", "scoring_elements": "0.8536", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8395" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711", "reference_id": "1287711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287711" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8395" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p6s9-fmbe-bbdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112923?format=api", "vulnerability_id": "VCID-ptnr-7zdy-v3df", "summary": "php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4540.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83856", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4540" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332872", "reference_id": "1332872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4540" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptnr-7zdy-v3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113072?format=api", "vulnerability_id": "VCID-pvyq-135x-dfaq", "summary": "php: buffer overflow in handling of long link names in tar phar archives", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2554.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2554.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10282", "scoring_system": "epss", "scoring_elements": "0.93303", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2554" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305543", "reference_id": "1305543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-2554" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvyq-135x-dfaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113443?format=api", "vulnerability_id": "VCID-qvuc-9nm7-eyed", "summary": "php: Stack consumption vulnerability in Zend/zend_exceptions.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8873.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02792", "scoring_system": "epss", "scoring_elements": "0.86363", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336775", "reference_id": "1336775", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8873" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qvuc-9nm7-eyed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112890?format=api", "vulnerability_id": "VCID-rcc5-73de-7bgb", "summary": "php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4542.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4542.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01233", "scoring_system": "epss", "scoring_elements": "0.79528", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865", "reference_id": "1332865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4542" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcc5-73de-7bgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97621?format=api", "vulnerability_id": "VCID-tkxu-ju7q-sqbn", "summary": "The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2325.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2325.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64963", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2325" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207198", "reference_id": "1207198", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207198" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781795", "reference_id": "781795", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-2325" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkxu-ju7q-sqbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97631?format=api", "vulnerability_id": "VCID-twye-41tq-hkcw", "summary": "PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8386.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0752", "scoring_system": "epss", "scoring_elements": "0.91951", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8386" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287636", "reference_id": "1287636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287636" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8386" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twye-41tq-hkcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112737?format=api", "vulnerability_id": "VCID-tyr1-ue62-suba", "summary": "php: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16127", "scoring_system": "epss", "scoring_elements": "0.94918", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351179", "reference_id": "1351179", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5773" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyr1-ue62-suba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97638?format=api", "vulnerability_id": "VCID-u7q1-w5yx-bfc3", "summary": "The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8391.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06404", "scoring_system": "epss", "scoring_elements": "0.91194", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8391" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287671", "reference_id": "1287671", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287671" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1025", "reference_id": "RHSA-2016:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8391" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7q1-w5yx-bfc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112720?format=api", "vulnerability_id": "VCID-v6h2-pawz-hyhu", "summary": "php: Use after free in unserialize() with Unexpected Session Deserialization", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6290.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6290.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08435", "scoring_system": "epss", "scoring_elements": "0.92486", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6290" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359710", "reference_id": "1359710", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-6290" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6h2-pawz-hyhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112555?format=api", "vulnerability_id": "VCID-vh9q-qzwq-vkgb", "summary": "php: bypass __wakeup() in deserialization of an unexpected object", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7124.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7124.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.74663", "scoring_system": "epss", "scoring_elements": "0.98878", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374697", "reference_id": "1374697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7124" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vh9q-qzwq-vkgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76115?format=api", "vulnerability_id": "VCID-wdcy-9v3g-xqaz", "summary": "gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7456.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01328", "scoring_system": "epss", "scoring_elements": "0.80272", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7456" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340433", "reference_id": "1340433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2013-7456" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdcy-9v3g-xqaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113032?format=api", "vulnerability_id": "VCID-wdyd-wy11-mkg1", "summary": "php: Format string vulnerability in php_snmp_error()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4071.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4071.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4071", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3258", "scoring_system": "epss", "scoring_elements": "0.96956", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323108", "reference_id": "1323108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1323108" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39645.php", "reference_id": "CVE-2016-4071", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39645.php" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-4071" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdyd-wy11-mkg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76128?format=api", "vulnerability_id": "VCID-x4mv-43g5-nke4", "summary": "Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16232", "scoring_system": "epss", "scoring_elements": "0.94938", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5766" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351068", "reference_id": "1351068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351068" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829014", "reference_id": "829014", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2598", "reference_id": "RHSA-2016:2598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5443", "reference_id": "RHSA-2020:5443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5443" } ], "fixed_packages": [], "aliases": [ "CVE-2016-5766" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4mv-43g5-nke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113243?format=api", "vulnerability_id": "VCID-x547-8y5r-qkh8", "summary": "php: Out-of-bounds memory read via gdImageRotateInterpolated", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1903.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08692", "scoring_system": "epss", "scoring_elements": "0.92627", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297717", "reference_id": "1297717", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-1903" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x547-8y5r-qkh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113395?format=api", "vulnerability_id": "VCID-xk5k-az56-ykc6", "summary": "php: ZipArchive:: extractTo allows for directory traversal when creating directories", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9767.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.65991", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260716", "reference_id": "1260716", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260716" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2014-9767" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5k-az56-ykc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97622?format=api", "vulnerability_id": "VCID-ys5j-2ms5-6qby", "summary": "The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by \"((?+1)(\\1))/\".", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2326.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2326.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00569", "scoring_system": "epss", "scoring_elements": "0.68944", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2326" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207202", "reference_id": "1207202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783285", "reference_id": "783285", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-2326" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ys5j-2ms5-6qby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112560?format=api", "vulnerability_id": "VCID-zacb-53ek-6kak", "summary": "php: wddx_deserialize null dereference in php_wddx_pop_element", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7132.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7132.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14856", "scoring_system": "epss", "scoring_elements": "0.94646", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374711", "reference_id": "1374711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7132" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zacb-53ek-6kak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97639?format=api", "vulnerability_id": "VCID-zfag-y22f-cfcp", "summary": "PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8392.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04389", "scoring_system": "epss", "scoring_elements": "0.89174", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8392" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287690", "reference_id": "1287690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1287690" }, { "reference_url": "https://security.gentoo.org/glsa/201607-02", "reference_id": "GLSA-201607-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1132", "reference_id": "RHSA-2016:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8392" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zfag-y22f-cfcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112558?format=api", "vulnerability_id": "VCID-zmzd-gp6s-9ucq", "summary": "php: wddx_deserialize null dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7130.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02206", "scoring_system": "epss", "scoring_elements": "0.8475", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7130" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374707", "reference_id": "1374707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" } ], "fixed_packages": [], "aliases": [ "CVE-2016-7130" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmzd-gp6s-9ucq" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-php56-php@5.6.25-1%3Farch=el7" }