Lucene search
K

59 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2004-1065

Buffer overflow in the exifreaddata function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file...

10CVSS8.3AI score0.10042EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.2 views

SUSE CVE-2018-12882

exifreadfromimpl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free in exifreadfromfile because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exifreaddata function...

6.3CVSS9.6AI score0.068EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.4 views

SUSE CVE-2019-9638

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the makernote-offset relationship to valuelen...

5.3CVSS9.5AI score0.06677EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.6 views

SUSE CVE-2019-9641

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinTIFF...

4.4CVSS9.6AI score0.09395EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.3 views

SUSE CVE-2019-11034

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...

4.8CVSS9.2AI score0.04094EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.3 views

SUSE CVE-2019-11035

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifiifaddvalue function. This may lead to information disclosure or crash...

4.8CVSS9.2AI score0.04409EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-11040

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

4.3CVSS9.2AI score0.04068EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.5 views

SUSE CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS9.2AI score0.07624EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2020/09/10 12:0 a.m.78 views

Oracle Linux 8 : php:7.3 (ELSA-2020-3662)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3662 advisory. php 7.3.20-1 - update to 7.3.20 1856655 php-pear 1:1.10.9-1 - update PEAR to 1.10.9 - update ArchiveTar to 1.4.7 - update ConsoleGetopt to 1.4.2 Tenabl...

9.8CVSS7.1AI score0.08888EPSS
Exploits19References23
RedHat Linux
RedHat Linux
added 2020/09/08 10:6 a.m.46 views

php: Heap buffer over-read in exif_scan_thumbnail()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

7.1CVSS7.3AI score0.0442EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/28 4:8 p.m.4 views

php: Heap buffer over-read in exif_process_user_comment()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

7.1CVSS7.3AI score0.0442EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/28 4:8 p.m.5 views

php: Heap buffer overflow in function exif_process_IFD_TAG()

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...

9.1CVSS7.3AI score0.04094EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 4:8 p.m.7 views

php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...

9.1CVSS7.3AI score0.07031EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/04/05 5:3 a.m.43 views

CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

7.1CVSS3.1AI score0.0442EPSS
Exploits1References3
Amazon
Amazon
added 2020/02/04 12:0 a.m.137 views

Medium: php72, php73

Issue Overview: In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is...

9.8CVSS7.6AI score0.08818EPSS
Exploits5
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2043)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.15484EPSS
Exploits18References2
OSV
OSV
added 2019/12/23 3:15 a.m.3 views

CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS6.7AI score
Exploits0References13
OSV
OSV
added 2019/12/23 3:15 a.m.4 views

UBUNTU-CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS6.7AI score0.07624EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2019/11/01 1:3 p.m.7 views

php: Heap buffer overflow in function exif_process_IFD_TAG()

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...

9.1CVSS7.3AI score0.04094EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/01 1:3 p.m.8 views

php: Uninitialized read in exif_process_IFD_in_MAKERNOTE

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the makernote-offset relationship to valuelen...

7.5CVSS7.3AI score0.06677EPSS
Exploits1References4
Rows per page
Query Builder