Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

php php 5.6.13 vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2016-4071
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP prior to 5.5.34, 5.6.x prior to 5.6.20, and 7.x prior to 7.0.5 allows remote malicious users to execute arbitrary code via format string specifiers in an SNMP::get call.
Php Php 5.6.1Php Php 5.6.0Php Php 5.6.5Php Php 5.6.12Php Php 5.6.13Php Php 5.6.4Php Php 5.6.6Php Php 5.6.18Php Php 5.6.11Php Php 5.6.2Php Php 5.6.10Php Php 5.6.7Php Php 5.6.15Php Php 5.6.17Php Php 5.6.16Php Php 5.6.9Php Php 5.6.3Php Php 5.6.8Php Php 5.6.14Php Php 5.6.19Apple Mac Os XPhp Php 5.5.0
8.6
CVSSv3
CVE-2016-5093
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP prior to 5.5.36, 5.6.x prior to 5.6.22, and 7.x prior to 7.0.7 does not ensure the presence of a '\0' character, which allows remote malicious users to cause a denial of service (out-of-bound...
Php Php 5.6.2Php Php 5.6.19Php Php 7.0.6Php Php 5.6.18Php Php 5.6.6Php Php 5.6.7Php Php 5.6.0Php Php 5.6.1Php Php 7.0.0Php Php 7.0.1Php Php 5.6.17Php Php 5.6.16Php Php 5.6.15Php Php 5.6.8Php Php 5.6.9Php PhpPhp Php 7.0.2Php Php 7.0.3Php Php 5.6.14Php Php 5.6.3Php Php 5.6.13Php Php 5.6.12
8.6
CVSSv3
CVE-2016-5095
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP prior to 5.5.36 and 5.6.x prior to 5.6.22 allows remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FIL...
Php Php 5.6.0Php Php 5.6.1Php Php 5.6.16Php Php 5.6.17Php Php 5.6.4Php Php 5.6.5Php Php 5.6.10Php Php 5.6.11Php Php 5.6.18Php Php 5.6.19Php Php 5.6.6Php Php 5.6.7Php Php 5.6.8Php Php 5.6.14Php Php 5.6.15Php Php 5.6.21Php Php 5.6.3Php Php 5.6.12Php Php 5.6.13Php Php 5.6.2Php Php 5.6.20Php Php 5.6.9
8.1
CVSSv3
CVE-2016-3171
Drupal 6.x prior to 6.38, when used with PHP prior to 5.4.45, 5.5.x prior to 5.5.29, or 5.6.x prior to 5.6.13, might allow remote malicious users to execute arbitrary code via vectors related to session data truncation.
Drupal Drupal 6.37Drupal Drupal 6.8Drupal Drupal 6.36Drupal Drupal 6.34Drupal Drupal 6.28Drupal Drupal 6.26Drupal Drupal 6.2Drupal Drupal 6.18Drupal Drupal 6.13Drupal Drupal 6.11Drupal Drupal 6.0Drupal Drupal 6.7Drupal Drupal 6.6Drupal Drupal 6.5Drupal Drupal 6.4Drupal Drupal 6.25Drupal Drupal 6.24Drupal Drupal 6.23Drupal Drupal 6.22Drupal Drupal 6.21Drupal Drupal 6.1Drupal Drupal 6.32
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0Php Php 5.0.1Php Php 5.0.2Php Php 5.1.3Php Php 5.1.4Php Php 5.2.13Php Php 5.2.14Php Php 5.2.5Php Php 5.2.6Php Php 5.3.11Php Php 5.3.12Php Php 5.3.2Php Php 5.3.20Php Php 5.3.27Php Php 5.3.28Php Php 5.3.9Php Php 5.4.0Php Php 5.4.13Php Php 5.4.14Php Php 5.4.19Php Php 5.4.2Php Php 5.4.26
6.5
CVSSv3
CVE-2016-6292
The exif_process_user_comment function in ext/exif/exif.c in PHP prior to 5.5.38, 5.6.x prior to 5.6.24, and 7.x prior to 7.0.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
Php Php 5.6.1Php Php 5.6.0Php Php 5.6.5Php Php 7.0.4Php Php 5.6.12Php Php 5.6.13Php Php 5.6.4Php Php 7.0.3Php Php 5.6.6Php Php 7.0.1Php Php 5.6.18Php Php 5.6.11Php Php 5.6.2Php Php 5.6.10Php PhpPhp Php 5.6.7Php Php 5.6.21Php Php 5.6.15Php Php 5.6.20Php Php 7.0.2Php Php 5.6.17Php Php 5.6.16
NA
CVE-2024-31210
WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins -> Add New -> Upload Plugin screen in WordPress. If FTP credentials are requested for...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook