30 matches found
EUVD-2019-2755
Malware in sbrugna...
EUVD-2019-2748
Malware in sbrugna...
EUVD-2019-2743
Malware in sbrugna...
EUVD-2019-2744
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-11040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated...
Linux Distros Unpatched Vulnerability : CVE-2019-11047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated...
Amazon Linux AMI : php72 (ALAS-2024-1921)
The version of php72 installed on the remote host is prior to 7.2.26-1.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1921 advisory. 2024-02-28: CVE-2019-11045 was added to this advisory. 2024-02-28: CVE-2019-11049 was added to this advisory. 2024-02-28:...
K44590877: PHP vulnerabilities CVE-2019-11034 and CVE-2019-11035
Security Advisory Description CVE-2019-11034 When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...
SUSE CVE-2019-11035
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifiifaddvalue function. This may lead to information disclosure or crash...
Oracle Linux 8 : php:7.3 (ELSA-2020-3662)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3662 advisory. php 7.3.20-1 - update to 7.3.20 1856655 php-pear 1:1.10.9-1 - update PEAR to 1.10.9 - update ArchiveTar to 1.4.7 - update ConsoleGetopt to 1.4.2 Tenabl...
php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...
CVE-2019-11041
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...
Medium: php72, php73
Issue Overview: In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2043)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-11050
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...