Lucene search
K

534 matches found

RedHat Linux
RedHat Linux
added 2019/08/19 8:42 a.m.2 views

php: Buffer over-read in exif_read_data()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

9.1CVSS7.3AI score0.04068EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2019/08/19 8:42 a.m.4 views

php: Heap use after free in ext/standard/var_unserializer.re

ext/standard/varunserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an...

9.8CVSS5.8AI score0.0742EPSS
Exploits0References4
Fedora
Fedora
added 2019/06/28 5:21 a.m.45 views

[SECURITY] Fedora 29 Update: php-brumann-polyfill-unserialize-1.0.3-1.fc29

Backports unserialize options introduced in PHP 7.0 to older PHP versions. This was originally designed as a Proof of Concept for Symfony Issue 21090. You can use this package in projects that rely on PHP versions older than P HP 7.0. In case you are using PHP 7.0+ the original unserialize will b...

9.8CVSS2.6AI score0.05586EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/06/18 11:28 p.m.49 views

CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3CVSS5.8AI score0.04332EPSS
Exploits1
Cvelist
Cvelist
added 2019/06/18 11:28 p.m.35 views

CVE-2019-11039 Out-of-bounds read in iconv.c

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

4.2CVSS9.2AI score0.0313EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2019/06/02 12:0 a.m.5 views

PT-2024-6535 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions 8.1. through 8.1.29 PHP versions 8.2. through 8.2.23 PHP versions 8.3. through 8.3.11 Description: The issue exists due to the failure to neutralize special elements in the PHP interpreter. This may allow a malicious user to pass...

10CVSS6.3AI score0.99987EPSS
Exploits89References180
Positive Technologies
Positive Technologies
added 2019/06/02 12:0 a.m.4 views

PT-2024-6534 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.1. through 8.1.29 PHP versions 8.2. through 8.2.23 PHP versions 8.3. through 8.3.11 Description: The issue is related to erroneous parsing of multipart form data contained in an HTTP POST request, which could lead to legitimate...

10CVSS7.4AI score0.99987EPSS
Exploits93References320
Positive Technologies
Positive Technologies
added 2019/06/02 12:0 a.m.7 views

PT-2024-6536 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.1. through 8.1.29 PHP versions 8.2. through 8.2.23 PHP versions 8.3. through 8.3.11 Description: The issue is related to errors in security settings, specifically with the cgi.force redirect configuration. In certain scenarios,...

10CVSS7.6AI score0.99987EPSS
Exploits93References314
Prion
Prion
added 2019/03/27 7:30 p.m.19 views

Design/Logic Flaw

An Information Disclosure / Data Modification issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...

7.5CVSS8.8AI score0.04361EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2019/03/27 6:7 p.m.49 views

CVE-2019-1010257

An Information Disclosure / Data Modification issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...

9AI score0.04361EPSS
Exploits3References4
OSV
OSV
added 2019/03/08 12:0 a.m.1 views

UBUNTU-CVE-2019-9640

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exifprocessSOFn...

7.5CVSS6.7AI score0.06183EPSS
Exploits1References6
OSV
OSV
added 2019/02/22 12:0 a.m.1 views

UBUNTU-CVE-2019-9020

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpcdecode can lead to an invalid memory access heap out of bounds read or read after free. This is related to xmlelemparsebuf in...

9.8CVSS6.7AI score0.10059EPSS
Exploits1References4
OSV
OSV
added 2019/02/21 12:0 a.m.4 views

UBUNTU-CVE-2018-20783

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...

7.5CVSS7AI score0.0566EPSS
Exploits1References5
OSV
OSV
added 2019/01/27 2:29 a.m.6 views

DEBIAN-CVE-2019-6977

gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigg...

8.8CVSS9.4AI score0.65116EPSS
Exploits7References1
OSV
OSV
added 2018/08/02 7:29 p.m.4 views

ALPINE-CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

5.5CVSS6.7AI score0.04306EPSS
Exploits0References1
OSV
OSV
added 2018/08/02 12:0 a.m.1 views

UBUNTU-CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...

5.5CVSS6.8AI score0.04306EPSS
Exploits0References6
NVD
NVD
added 2018/06/26 4:29 p.m.9 views

CVE-2018-1000502

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

7.2CVSS7.2AI score0.01283EPSS
Exploits0References2
Prion
Prion
added 2018/06/26 4:29 p.m.25 views

Design/Logic Flaw

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

6.5CVSS7.1AI score0.01283EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.29 views

CVE-2018-1000502

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel Tools and Maintenance - Task Manager - Add New Task that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have...

7.1AI score0.01283EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/05/03 5:6 a.m.4 views

php: Stack based buffer overflow in msgfmt_format_message

ext/intl/msgformat/msgformatformat.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via ...

7.5CVSS7.4AI score0.06672EPSS
Exploits1References4
Rows per page
Query Builder