8 matches found

RedHat Linux
added 2024/12/11 4:20 p.m. | 5 views

php: phar Buffer mismanagement

A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read() function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing...

CVSS 9.8 | AI score 6 | EPSS 0.08003
Exploits: 3 | References: 7
OSV
added 2024/01/31 11:22 a.m. | 7 views

CLSA-2024-1706700142 php: Fix of 8 CVEs

- CVE-2021-21702: Fix null pointer crash because of malformed SOAP server response
- CVE-2021-21703: Fix error in php fpm shared memory organization leading to privilege escalation
- CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE
- CVE-2022-31626: Fix buffer overflow in mysqlnd...

CVSS 9.8 | AI score 7.2 | EPSS 0.5838
Exploits: 9 | References: 1
BDU FSTEC
added 2023/10/13 12:0 a.m. | 5 views

The vulnerability of the phar_dir_read() function in the PHP interpreter allows a hacker to execute arbitrary code.

The vulnerability of the phar_dir_read() function in the PHP interpreter arises due to an overflow in the stack buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 7.6 | EPSS 0.08003
Exploits: 3 | References: 10 | Affected Software: 6
OSV
added 2023/08/23 7:4 p.m. | 4 views

CLSA-2023-1692817457 Fix CVE(s): CVE-2023-3823, CVE-2023-3824

SECURITY UPDATE: external entity loading in XML without enabling it
- debian/patches/CVE-2023-3823.patch: sanitize libxml2 globals before parsing.
- CVE-2023-3823
SECURITY UPDATE: buffer mismanagement in phar_dir_read
- debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in...

CVSS 9.8 | AI score 7.1 | EPSS 0.08003
Exploits: 4 | References: 1
OSV
added 2023/08/23 7:1 p.m. | 3 views

CLSA-2023-1692817288 Fix CVE(s): CVE-2023-3824, CVE-2023-3823

SECURITY UPDATE: external entity loading in XML without enabling it
- debian/patches/php-7.1-CVE-2023-3823.patch: sanitize libxml2 globals before parsing.
- CVE-2023-3823
SECURITY UPDATE: buffer mismanagement in phar_dir_read
- debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanageme...

CVSS 9.8 | AI score 7 | EPSS 0.08003
Exploits: 4 | References: 1
Microsoft CVE
added 2023/08/22 7:0 a.m. | 3 views

Buffer overflow and overread in phar_dir_read()

...

CVSS 9.8 | AI score 7.8 | EPSS 0.08003
Exploits: 3
OSV
added 2023/08/21 3:39 p.m. | 6 views

CLSA-2023-1692632368 php: Fix of 2 CVEs

- CVE-2023-3823: Fix external entity loading in XML without enabling it, by sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read...

CVSS 9.8 | AI score 6.3 | EPSS 0.08003
Exploits: 4 | References: 1
OSV
added 2023/08/21 3:28 p.m. | 7 views

CLSA-2023-1692631677 php: Fix of 2 CVEs

- CVE-2023-3823: Fix external entity loading in XML without enabling it, by sanitizing libxml2 globals before parsing
- CVE-2023-3824: Fix buffer mismanagement in phar_dir_read...

CVSS 9.8 | AI score 7.1 | EPSS 0.08003
Exploits: 4 | References: 1