Lucene search
K

9 matches found

OSV
OSV
added 2025/12/21 4:11 a.m.5 views

MGASA-2025-0330 Updated php packages fix security vulnerabilities

Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...

8.2CVSS7.3AI score0.00573EPSS
Exploits4References3
Mageia
Mageia
added 2025/12/21 4:11 a.m.11 views

Updated php packages fix security vulnerabilities

Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...

8.2CVSS7.5AI score0.00573EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2014-3980

Malicious code in bioql PyPI...

5.1CVSS7.3AI score0.1091EPSS
Exploits0References35
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.3 views

SUSE CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

6.5CVSS9.6AI score0.04188EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2019/11/01 1:3 p.m.4 views

php: memcpy with negative length via crafted DNS response

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

7.5CVSS7.5AI score0.04188EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.8 views

The vulnerability of the “read” function in PHP’s DNS_get_record interpreter, related to reading data beyond the boundaries of the memory buffer, allows attackers to access confidential data.

The vulnerability of the “read” function in the PHP language interpreter’s dnsgetrecord function relates to reading data beyond the boundaries of the allocated memory buffer. Exploiting this vulnerability could allow an attacker to gain access to confidential data during the processing of DNS...

7.5CVSS7.1AI score0.04188EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2019/02/22 12:0 a.m.2 views

UBUNTU-CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

7.5CVSS7.1AI score0.04188EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2014/09/30 9:9 a.m.3 views

php: multiple buffer over-reads in php_parserr

Multiple buffer over-read flaws were found in the phpparserr function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to crash a PHP application that used the dnsgetrecord function to perform a DNS query...

6.8CVSS7.3AI score0.15427EPSS
Exploits0References4
OSV
OSV
added 2014/06/18 12:0 a.m.5 views

UBUNTU-CVE-2014-4049

Heap-based buffer overflow in the phpparserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service crash and possibly execute arbitrary code via a crafted DNS TXT record, related to the dnsgetrecord function...

5.1CVSS7.3AI score0.1091EPSS
Exploits0References4
Rows per page
Query Builder