Vulnerabilities > PHP

DATE CVE VULNERABILITY TITLE RISK
2016-07-25 CVE-2016-6288 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
network
low complexity
php CWE-119
critical
9.8
2016-07-19 CVE-2016-5385 Open Redirect vulnerability in multiple products
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
8.1
2016-07-12 CVE-2016-6174 applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
network
high complexity
invisioncommunity php
8.1
2016-05-22 CVE-2016-4544 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
php opensuse fedoraproject debian CWE-119
critical
9.8
2016-05-22 CVE-2016-4543 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
hp php fedoraproject opensuse CWE-119
critical
9.8
2016-05-22 CVE-2016-4542 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
php opensuse fedoraproject CWE-119
critical
9.8
2016-05-22 CVE-2016-4541 The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
network
low complexity
fedoraproject php opensuse
critical
9.8
2016-05-22 CVE-2016-4540 The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
network
low complexity
fedoraproject opensuse php
critical
9.8
2016-05-22 CVE-2016-4539 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.
network
low complexity
php opensuse fedoraproject CWE-119
critical
9.8
2016-05-22 CVE-2016-4538 Improper Input Validation vulnerability in multiple products
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
network
low complexity
php fedoraproject opensuse CWE-20
critical
9.8