CVE search results

21 – 30 of 60 results

Detailed view

Sort by:

CVE-2016-10166

Medium priority

Fixed

Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-8670

Medium priority

Fixed

Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of...

3 affected packages

php5, libgd2, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
libgd2	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6911

Medium priority

Fixed

The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6905

Medium priority

Fixed

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

3 affected packages

php5, libgd2, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
php5	—	—	—	—
libgd2	—	—	—	—
php7.0	—	—	—	—

CVE-2016-7568

Medium priority

Fixed

Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-7126

Medium priority

Not affected

The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-7127

Medium priority

Fixed

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-5767

Medium priority

Not affected

Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6207

Medium priority

Some fixes available 2 of 3

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption)...

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

CVE-2016-6214

Low priority

Some fixes available 2 of 3

gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

3 affected packages

libgd2, php5, php7.0

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgd2	—	—	—	—
php5	—	—	—	—
php7.0	—	—	—	—

Export to JSON

Results by page:

Search CVE reports