Lucene search
K

285 matches found

SUSE CVE
SUSE CVE
added 2025/02/14 5:33 a.m.2 views

SUSE CVE-2024-11233

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

6.5CVSS5.9AI score0.01618EPSS
Exploits1References12
OSV
OSV
added 2025/01/11 1:15 p.m.7 views

AZL-56166 CVE-2024-47809 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkbresource null dereference This patch fixes a possible null pointer dereference when this function is called from requestlock as lkb-lkbresource is not assigned yet, only after validatelockargs by calling...

5.5CVSS6.7AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2025/01/11 1:15 p.m.15 views

AZL-56121 CVE-2024-47809 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkbresource null dereference This patch fixes a possible null pointer dereference when this function is called from requestlock as lkb-lkbresource is not assigned yet, only after validatelockargs by calling...

5.5CVSS6.7AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:46 p.m.8 views

CLSA-2024-1735310784 Fix CVE(s): CVE-2024-11233

SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/24 6:43 p.m.5 views

CLSA-2024-1735065830 Fix CVE(s): CVE-2024-11233

SECURITY UPDATE: Security vulnerability in package - debian/patches/CVE-2024-11233.patch: fix error in convert.quoted printable-decode filter certain data leading to buffer overread. Fix segfault with streams and invalid data. - CVE-2024-11233...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/18 5:46 p.m.6 views

CLSA-2024-1734543983 php: Fix of CVE-2024-11233

CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...

8.2CVSS6.2AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/16 5:4 p.m.8 views

CLSA-2024-1734368527 php: Fix of CVE-2024-11233

CVE-2024-11233: Fix buffer overread by one byte issue in convert.quoted-printable-decode filter - Fix Bug 74267: segfault with streams and invalid data...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/11 9:23 a.m.7 views

CLSA-2024-1733908995 php: Fix of CVE-2024-11233

CVE-2024-11233: Fix buffer overflow vulnerability in convert.quoted-printable-decode filter; fix bug 74267...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2024/12/09 8:0 a.m.4 views

Single byte overread with convert.quoted-printable-decode filter

...

8.2CVSS6.1AI score0.01618EPSS
Exploits1
OSV
OSV
added 2024/12/05 8:18 p.m.11 views

CLSA-2024-1733429914 php: Fix of CVE-2024-11233

CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/05 6:9 p.m.5 views

CLSA-2024-1733422173 php: Fix of CVE-2024-11233

CVE-2024-11233: Fix buffer overflow vulnerability in convert.quoted-printable-decode filter...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/12/05 6:6 p.m.6 views

CLSA-2024-1733421975 php: Fix of CVE-2024-11233

CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...

8.2CVSS6.2AI score0.01618EPSS
Exploits1References1
CloudLinux
CloudLinux
added 2024/12/05 6:6 p.m.22 views

php: Fix of CVE-2024-11233

CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...

8.2CVSS7AI score0.01618EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2024/12/05 5:31 p.m.0 views

Security update for php8

This update for php8 fixes the following issues: CVE-2024-11233: buffer overread when processing input with the convert.quoted-printable-decode filter. bsc1233702 CVE-2024-11234: possible CRLF injection in URIs when a proxy is configured in a stream context. bsc1233703 CVE-2024-8929: data exposur...

8.3CVSS6.9AI score0.02286EPSS
Exploits3References12
Github Security Blog
Github Security Blog
added 2024/12/04 6:31 p.m.13 views

Unsoundness in anstream

When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...

7.2AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/12/04 6:31 p.m.5 views

GHSA-2RXC-GJRP-VJHX Unsoundness in anstream

When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...

7.2AI score
Exploits0References3
OSV
OSV
added 2024/12/03 5:18 p.m.5 views

CLSA-2024-1733246329 php: Fix of CVE-2024-11233

CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2024/12/03 9:8 a.m.3 views

Security update for php7

This update for php7 fixes the following issues: CVE-2024-11233: Single byte overread with convert.quoted-printable-decode filter bsc1233702. CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF injection in URIs bsc1233703. CVE-2024-8929: Leak partial content of the heap...

8.3CVSS6.8AI score0.02286EPSS
Exploits3References12
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.5 views

The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter allows a hacker to trigger a service failure.

The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

4.8CVSS6.2AI score0.01618EPSS
Exploits1References12Affected Software4
OSV
OSV
added 2024/11/27 7:20 p.m.12 views

BIT-PHP-2024-11233 Single byte overread with convert.quoted-printable-decode filter

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS7.3AI score0.01618EPSS
Exploits1References4
Rows per page
Query Builder