Lucene search
K

6 matches found

OSV
OSV
added 2026/05/19 5:44 p.m.17 views

CLSA-2026-1779212665 php: Fix of 14 CVEs

CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...

7.5CVSS6.8AI score0.79949EPSS
Exploits7References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.4 views

SUSE CVE-2016-6291

The exifprocessIFDinMAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds array access and memory corruption, obtain sensitive information from process memory, or possibly have...

9.8CVSS9AI score0.05598EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.4 views

SUSE CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

3.7CVSS9AI score0.04306EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2019/08/19 8:42 a.m.2 views

php: exif: Buffer over-read in exif_process_IFD_in_MAKERNOTE()

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

5.5CVSS7.3AI score0.04306EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.3 views

The vulnerability of the exif_process_IFD_in_MAKERNOTE module in the PHP programming language, related to reading beyond buffer boundaries, allows attackers to cause service failures.

The vulnerability of the exifprocessIFDinMAKERNOTE module located in ext/exif/exif.c in the PHP programming language is related to incorrect image processing. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially created JPEG file...

5.5CVSS6.7AI score0.04306EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2012/07/13 10:0 a.m.96 views

CVE-2012-2837

CVE-2012-2837 affects the EXIF Tag Parsing Library (libexif); the divide-by-zero occurs in mnote_olympus_entry_get_value when formatting EXIF maker note tags, via images with crafted EXIF data. Affected: libexif up to version 0.6.20 (pre-0.6.21). Impact: remote denial of service. Public advisorie...

5CVSS6.2AI score0.03859EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder