| 0 |
|
| 1 |
|
| 2 |
| url |
VCID-2h75-z32z-audu |
| vulnerability_id |
VCID-2h75-z32z-audu |
| summary |
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8865
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2h75-z32z-audu |
|
| 3 |
| url |
VCID-2qwh-71ab-3qef |
| vulnerability_id |
VCID-2qwh-71ab-3qef |
| summary |
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in PCRE and PCRE2 allows remote attackers to execute arbitrary code via a crafted regular expression. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-3210
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2qwh-71ab-3qef |
|
| 4 |
|
| 5 |
| url |
VCID-2vkd-7m31-zue9 |
| vulnerability_id |
VCID-2vkd-7m31-zue9 |
| summary |
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8383
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2vkd-7m31-zue9 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
| url |
VCID-7cc1-8j9m-87gj |
| vulnerability_id |
VCID-7cc1-8j9m-87gj |
| summary |
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8384
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7cc1-8j9m-87gj |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
| url |
VCID-agay-5tse-xqbw |
| vulnerability_id |
VCID-agay-5tse-xqbw |
| summary |
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-3074
|
| risk_score |
1.0 |
| exploitability |
2.0 |
| weighted_severity |
0.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-agay-5tse-xqbw |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
| url |
VCID-by6c-cfvh-4uev |
| vulnerability_id |
VCID-by6c-cfvh-4uev |
| summary |
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8385
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-by6c-cfvh-4uev |
|
| 25 |
| url |
VCID-c2g2-p2eq-mygx |
| vulnerability_id |
VCID-c2g2-p2eq-mygx |
| summary |
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8388
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c2g2-p2eq-mygx |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
| url |
VCID-eevm-m3bb-8qgu |
| vulnerability_id |
VCID-eevm-m3bb-8qgu |
| summary |
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-5767
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eevm-m3bb-8qgu |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
| url |
VCID-g6q6-3k6s-vuey |
| vulnerability_id |
VCID-g6q6-3k6s-vuey |
| summary |
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an excess closing parenthesis. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-5073
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g6q6-3k6s-vuey |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
| url |
VCID-hghm-njcu-audc |
| vulnerability_id |
VCID-hghm-njcu-audc |
| summary |
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8877
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hghm-njcu-audc |
|
| 46 |
| url |
VCID-j1b9-hpxd-tqbv |
| vulnerability_id |
VCID-j1b9-hpxd-tqbv |
| summary |
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-7127
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j1b9-hpxd-tqbv |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
| url |
VCID-jvzj-485k-4fcw |
| vulnerability_id |
VCID-jvzj-485k-4fcw |
| summary |
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6128
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jvzj-485k-4fcw |
|
| 51 |
|
| 52 |
| url |
VCID-k84g-a51c-fugu |
| vulnerability_id |
VCID-k84g-a51c-fugu |
| summary |
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-7126
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k84g-a51c-fugu |
|
| 53 |
| url |
VCID-kd3m-s417-qkbr |
| vulnerability_id |
VCID-kd3m-s417-qkbr |
| summary |
Improper Restriction of Operations within the Bounds of a Memory Buffer
PCRE, and PCRE2 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-3217
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kd3m-s417-qkbr |
|
| 54 |
| url |
VCID-kpkt-vb2t-kuar |
| vulnerability_id |
VCID-kpkt-vb2t-kuar |
| summary |
PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-2328
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kpkt-vb2t-kuar |
|
| 55 |
| url |
VCID-mjr6-8pyz-tbbc |
| vulnerability_id |
VCID-mjr6-8pyz-tbbc |
| summary |
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-6207
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mjr6-8pyz-tbbc |
|
| 56 |
| url |
VCID-mrwr-pqss-6keq |
| vulnerability_id |
VCID-mrwr-pqss-6keq |
| summary |
PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-2327
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mrwr-pqss-6keq |
|
| 57 |
|
| 58 |
| url |
VCID-p1z2-yqe2-tqaf |
| vulnerability_id |
VCID-p1z2-yqe2-tqaf |
| summary |
The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ patterns, and related patterns with certain group references, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8381
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p1z2-yqe2-tqaf |
|
| 59 |
| url |
VCID-p68m-zygn-e7c2 |
| vulnerability_id |
VCID-p68m-zygn-e7c2 |
| summary |
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-6296
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p68m-zygn-e7c2 |
|
| 60 |
| url |
VCID-p6s9-fmbe-bbdu |
| vulnerability_id |
VCID-p6s9-fmbe-bbdu |
| summary |
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8395
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p6s9-fmbe-bbdu |
|
| 61 |
|
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
| url |
VCID-tkxu-ju7q-sqbn |
| vulnerability_id |
VCID-tkxu-ju7q-sqbn |
| summary |
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-2325
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tkxu-ju7q-sqbn |
|
| 66 |
| url |
VCID-twye-41tq-hkcw |
| vulnerability_id |
VCID-twye-41tq-hkcw |
| summary |
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8386
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-twye-41tq-hkcw |
|
| 67 |
|
| 68 |
| url |
VCID-u7q1-w5yx-bfc3 |
| vulnerability_id |
VCID-u7q1-w5yx-bfc3 |
| summary |
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8391
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u7q1-w5yx-bfc3 |
|
| 69 |
|
| 70 |
|
| 71 |
| url |
VCID-wdcy-9v3g-xqaz |
| vulnerability_id |
VCID-wdcy-9v3g-xqaz |
| summary |
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2013-7456
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wdcy-9v3g-xqaz |
|
| 72 |
|
| 73 |
| url |
VCID-x4mv-43g5-nke4 |
| vulnerability_id |
VCID-x4mv-43g5-nke4 |
| summary |
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-5766
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x4mv-43g5-nke4 |
|
| 74 |
|
| 75 |
|
| 76 |
| url |
VCID-ys5j-2ms5-6qby |
| vulnerability_id |
VCID-ys5j-2ms5-6qby |
| summary |
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/". |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-2326
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ys5j-2ms5-6qby |
|
| 77 |
|
| 78 |
| url |
VCID-zfag-y22f-cfcp |
| vulnerability_id |
VCID-zfag-y22f-cfcp |
| summary |
PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2015-8392
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zfag-y22f-cfcp |
|
| 79 |
|