113 matches found
CVE-2018-20685
CVE-2018-20685 affects OpenSSH scp client: scp.c allows remote servers to bypass access restrictions via the filename "." or an empty filename, potentially enabling modification of the client-directory permissions. Multiple advisories confirm this vulnerability and fix paths: Arch Linux ASA-20190...
CVE-2019-6110
CVE-2019-6110 (OpenSSH SCP client) affects OpenSSH 7.9. The vulnerability arises from accepting and displaying arbitrary stderr output from the SCP server, allowing a malicious server or MITM to spoof SCP client output and potentially mask or override transferred files. Connected advisories confi...
CVE-2019-6109
OpenSSH 7.9 contains CVE-2019-6109: missing character encoding in the progress display allows a malicious server/MITM to spoof scp client output by crafting object names (refresh_progress_meter in progressmeter.c). The vulnerability can enable spoofing of file transfer output; related issues incl...
CVE-2017-15715
CVE-2017-15715 affects Apache HTTP Server 2.4.0–2.4.29. The issue: the expression could treat a trailing '$' as a newline in a malicious filename, bypassing filename-end checks and potentially allowing uploads that would otherwise be blocked. Documents consistently describe this as a bypass vuln...
CVE-2018-1283
In Apache httpd (mod_session) versions 2.4.0–2.4.29, when SessionEnv forwarding is enabled to CGI applications, a remote attacker can influence their content by sending a crafted Session header. This arises from mod_session forwarding data using the HTTP_SESSION variable name, which overlaps with...
CVE-2018-17199
In Apache HTTP Server 2.4.x up to 2.4.37, the vulnerability CVE-2018-17199 is caused by mod_session_cookie: the session expiry time is checked before decoding the session, so expiry is ignored for mod_session_cookie sessions. This means session expiry may not be enforced for affected sessions. Th...
CVE-2017-9788
Apache httpd vulnerability CVE-2017-9788 stems from mod_auth_digest not initializing or resetting the value placeholder in Digest Proxy-Authorization headers between key=value assignments, which can leak previous memory data or cause a segfault/DoS. Affected: httpd 2.2.34 and 2.4.x prior to 2.4.2...
CVE-2016-8612
CVE-2016-8612 affects Apache HTTP Server mod_cluster prior to httpd 2.4.23, with a flaw in the protocol parsing logic of the load balancer that can cause a Segmentation Fault in the httpd process due to improper input validation. Exploitation details are not provided in the connected documents; r...
CVE-2017-15710
The CVE-2017-15710 issue affects Apache httpd when mod_authnz_ldap is used with AuthLDAPCharsetConfig. A crafted Accept-Language header is looked up in a charset table; if not present, it is truncated to two characters, and values shorter than two characters trigger an out-of-bounds write of a NU...
CVE-2019-9641
CVE-2019-9641 affects PHP's EXIF extension (older PHP 7.1.x/7.2.x/7.3.x branches). Affected versions are PHP 7.1.0–7.1.26/7.2.0–7.2.15/7.3.0–7.3.2 (per sources: 7.1.27, 7.2.16, 7.3.3 as fixed). The root cause is an uninitialized read in exif_process_IFD_in_TIFF (with related notes on exif_process...
CVE-2018-11763
CVE-2018-11763 affects Apache HTTP Server 2.4.17–2.4.34 and targets the HTTP/2 implementation. The issue arises when a client sends continuous, large SETTINGS frames, allowing a single connection to occupy a server thread and CPU time without triggering a connection timeout. Impact is limited to ...
CVE-2019-9020
CVE-2019-9020 affects PHP versions before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. It stems from invalid input to xmlrpc_decode(), enabling a heap out-of-bounds read via xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c. The impact is a memory access issue th...
CVE-2019-9021
CVE-2019-9021 affects PHP releases prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. It describes a heap-based buffer over-read in PHAR reading functions of the PHAR extension (phar_detect_phar_fname_ext in ext/phar/phar.c) that can cause reading memory past t...
CVE-2019-9024
CVE-2019-9024 affects PHP’s xmlrpc_decode() path via base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c. A hostile XMLRPC server can cause memory to be read outside allocated areas. Affected: PHP 5.6.x before 5.6.40; PHP 7.x before 7.1.26; 7.2.x before 7.2.14; 7.3.x before 7.3.1. Remediation (...
CVE-2018-1333
CVE-2018-1333 affects Apache HTTP Server. By specially crafting HTTP/2 requests, workers could be allocated 60 seconds longer than necessary, causing worker exhaustion and denial of service. Affected versions: 2.4.18–2.4.30 and 2.4.33; fixed in 2.4.34. The vulnerability originates from the HTTP/2...
CVE-2018-1301
CVE-2018-1301 affects the Apache HTTP Server (httpd) prior to 2.4.30, caused by an out-of-bounds access after a size limit is reached when reading the HTTP header. Impact described as a crash (low risk for normal usage). Affected component is httpd’s HTTP header parsing; root cause is an out-of-b...
CVE-2019-9023
CVE-2019-9023 affects PHP mbstring: heap-based buffer over-read when regcomp/regexec/regparse in mbstring are fed invalid multibyte data. Affected versions include PHP 5.6.40 and PHP 7.x prior to 7.1.26 (7.1.x), 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1. Root cause is memory read outside al...
CVE-2018-1303
CVE-2018-1303: An out-of-bounds read in mod_cache_socache could crash the Apache HTTP Server prior to 2.4.30, enabling a DoS against users of httpd. The issue is discussed across multiple advisories (Debian/ALT Linux/Arch Linux security notes and CentOS RH advisories) and is attributed to imprope...
CVE-2017-9120
CVE-2017-9120 affects PHP 7.x through 7.1.5, due to an Integer overflow in mysqli_real_escape_string that can trigger a denial of service (buffer overflow and application crash). The connected documents confirm this root cause and impact across multiple advisories and listings (e.g., CVE-2017-912...
CVE-2018-17189
CVE-2018-17189 : In Apache HTTP Server 2.4.37 and earlier, mod_http2 can cause a DoS by handling slowloris-style request bodies, unnecessarily occupying a server thread for the h2 stream on HTTP/2 connections. Affected product: Apache HTTP Server with mod_http2. Impact: denial of service via thre...
CVE-2018-1302
Apache HTTP Server (httpd) before 2.4.30 may write a NULL pointer to freed memory when an HTTP/2 stream is destroyed after handling. This is described as low risk and hard to trigger in standard configurations, with no reproducibility outside debug builds. Affected releases include older 2.4.x li...
CVE-2019-6977
The CVE-2019-6977 issue affects the GD Graphics Library (LibGD) via gdImageColorMatch in gd_color_match.c. A heap-based buffer overflow in this function affects GD 2.2.5 and PHP builds before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1 when imagecolormatch processes cra...
CVE-2019-9637
CVE-2019-9637 concerns a PHP file-rename across filesystems: during the rename, the target may briefly have incorrect permissions, potentially allowing unauthorized data access. The initial description specifies affected PHP versions: before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Co...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2019-9639
CVE-2019-9639 affects the PHP EXIF extension: uninitialized read in exif_process_IFD_in_MAKERNOTE (data_len mishandling) on PHP < 7.1.27, < 7.2.16, and
CVE-2019-9638
CVE-2019-9638 affects PHP’s EXIF component. Root cause: uninitialized read in exif_process_IFD_in_MAKERNOTE due to mishandling maker_note->offset/value_len. Affected versions: PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Impact is potential arbitrary code execution on the sy...
CVE-2018-8014
CVE-2018-8014 affects the default configuration of Tomcat’s CORS filter, where default settings enable supportsCredentials for all origins across multiple releases (9.0.0.M1–9.0.8, 8.5.0–8.5.31, 8.0.0.RC1–8.0.52, 7.0.41–7.0.88). The issue is that environments relying on the default CORS configura...
CVE-2018-17082
The CVE-2018-17082 entry covers a cross-site scripting vulnerability in the Apache2 module of PHP. Affected releases are PHP with Apache2 handler: PHP 5.6.38 and earlier in 5.6.x; 7.0.x before 7.0.32; 7.1.x before 7.1.22; and 7.2.x before 7.2.10. The root cause is mishandling of the bucket brigad...
CVE-2019-2537
CVE-2019-2537 affects the MySQL Server component (subcomponent: Server: DDL) of Oracle MySQL. Affected: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Description in connected docs confirms an easily exploitable, network-accessible vulnerability that can cause the MySQL Server to hang or c...
CVE-2019-2529
CVE-2019-2529 affects Oracle MySQL Server (Server: Optimizer). Affected: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Low-privilege, network-access attacker can cause a hang or complete DOS. Remediation: advisories/applicable updates exist (e.g., ALAS/CentOS/RHSA); update mariadb/mysql p...
CVE-2018-10549
PHP contains an out-of-bounds read in exif_read_data() (ext/exif/exif.c) when parsing crafted JPEG data due to MakerNote handling lacking a final '\0' character. Affected are PHP 5.6.x up to 5.6.36, 7.0.x up to 7.0.30, 7.1.x up to 7.1.17, and 7.2.x up to 7.2.5. Impact: potential reads beyond boun...
CVE-2018-10545
Technical details (affected products, versions, exploit information, and fixes) are not provided in the supplied documents. Please monitor for updates.
CVE-2019-9022
CVE-2019-9022 affects PHP 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.2. dns_get_record may misparse a DNS response, enabling a hostile DNS server to cause memcpy misuse and read past the buffer allocated for DNS data in php_parserr (ext/standard/dns.c) for DNS_CAA and DNS_...
CVE-2017-5645
CVE-2017-5645 affects Apache Log4j 2.x prior to 2.8.2. The vulnerability arises when using a TCP/UDP socket server to receive serialized log events from another application; a crafted binary payload can be deserialized to execute arbitrary code. The documented impact is remote code execution via ...
CVE-2018-10547
CVE-2018-10547: Reflected XSS on PHAR 403/404 error pages due to an incomplete fix for CVE-2018-5712. Affected PHP versions are: 5.6 before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Exploitation involves request data for a .phar file leading to XSS on error pages. ...
CVE-2018-3064
CVE-2018-3064 affects the MySQL Server component (InnoDB). The initial description lists affected versions as 5.6.40 and earlier, 5.7.22 and earlier, and 8.0.11 and earlier, with a network-accessible, low-privilege exploit that can cause a hang/crash (DoS) and unauthorized read/write of data. Con...
CVE-2018-0734
CVE-2018-0734 (OpenSSL) describes a timing side-channel in the DSA signature algorithm that could enable private key recovery. The initial entry notes fixes in OpenSSL releases 1.1.1a (and 1.1.0j, 1.0.2q) for affected branches. Connected advisories (CloudLinux, Arch Linux, Amazon/Linux distributi...
CVE-2017-16642
CVE-2017-16642 is a PHP core timelib_meridian parsing bug in ext/date/lib/parse_date.c causing out-of-bounds reads. Affected are PHP versions before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11. The issue can leak information from the interpreter if attackers supply crafted date strings. Th...
CVE-2018-14883
CVE-2018-14883 is a heap-based buffer over-read in exif_thumbnail_extract (exif.c) of PHP. Affected are PHP 5.6.37 and 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. Some sources note potential remote code execution in vulnerable scenarios. Remediation is to upgrade to the fixe...
CVE-2018-10548
CVE-2018-10548 affects PHP’s ext/ldap/ldap.c, where mishandling of the ldap_get_dn return value enables a remote LDAP server to trigger a NULL pointer dereference and cause denial of service (application crash). Affected branches: PHP 5.6.x up to 5.6.36, 7.0.x up to 7.0.30, 7.1.x up to 7.1.17, an...
CVE-2019-11034
CVE-2019-11034 (and related CVEs) affects PHP’s EXIF extension. The issue is a heap-based/over-read when processing certain files that allows reading beyond allocated buffers via exif_process_IFD_TAG (and related functions such as exif_iif_add_value). Affected PHP branches: 7.1.x < 7.1.28, 7.2...
CVE-2018-15132
The CVE-2018-15132 issue affects PHP's Windows implementation in ext/standard/link_win32.c. The linkinfo function does not perform an open_basedir check, enabling potential access to files outside allowed directories. Affected versions are PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1....
CVE-2018-3060
CVE-2018-3060 affects Oracle MySQL Server (InnoDB) with affected versions 5.5/5.6 per IBM/Guardium disclosures. The vulnerability is described as an unspecified issue in InnoDB that could allow an authenticated attacker to achieve no confidentiality impact, but high integrity and high availabilit...
CVE-2019-2534
CVE-2019-2534 affects Oracle MySQL Server (subcomponent: Server: Replication). Affected versions are 5.6.42 and earlier, 5.7.24 and earlier, and 8.0.13 and earlier. The vulnerability is exploitable by a low-privileged attacker with network access via multiple protocols, potentially leading to una...
CVE-2019-11035
CVE-2019-11035 affects the PHP EXIF extension: reading past the allocated buffer in exif_iif_add_value can disclose information or crash. Affected are PHP 7.1.x < 7.1.28, 7.2.x < 7.2.17, and 7.3.x
CVE-2018-10933
CVE-2018-10933 affects libssh, specifically the server-side state machine, where versions prior to 0.7.6 and 0.8.4 allow an unauthenticated attacker to create channels and gain unauthorized access. The underlying issue is an authentication bypass in the server code, reported by multiple vendors a...
CVE-2018-10546
CVE-2018-10546 affects PHP versions prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. The root cause is an infinite loop in ext/iconv/iconv.c caused by the iconv stream filter not rejecting invalid multibyte sequences. Consequences include potential denial o...
CVE-2018-3081
CVE-2018-3081 affects the MySQL Client component of Oracle MySQL. Affected versions: 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior, and 8.0.11 and prior. Attackers with network access via multiple protocols can exploit it to cause a hang or a crash (DoS) and may update/insert/delete data i...
CVE-2018-3156
CVE-2018-3156 affects Oracle MySQL Server (subcomponents: InnoDB; also referenced in multiple advisories) with affected versions: 5.6.41 and earlier, 5.7.23 and earlier, and 8.0.12 and earlier. According to the connected advisories for Linux distributions, the vulnerability enables network-access...
CVE-2018-3251
CVE-2018-3251 affects Oracle MySQL Server (InnoDB). Affected: 5.6.41 and earlier, 5.7.23 and earlier, 8.0.12 and earlier. Exploitation via network against multiple protocols can cause a hang or crash (DOS). Several advisories reference fixes in corresponding OS/package updates (e.g., ALAS and Deb...