Php

Php

711 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-9639

Exploit
  • EPSS 18.27%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

7.5

CVE-2019-9640

Exploit
  • EPSS 14.33%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.

9.8

CVE-2019-9641

Exploit
  • EPSS 50.55%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:02

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

9.8

CVE-2019-9020

Exploit
  • EPSS 3.16%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is rel...

9.8

CVE-2019-9021

Exploit
  • EPSS 30.4%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory ...

7.5

CVE-2019-9022

Exploit
  • EPSS 7.13%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buff...

9.8

CVE-2019-9023

Exploit
  • EPSS 17.45%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte ...

7.5

CVE-2019-9024

Exploit
  • EPSS 16.4%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:50

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlr...

9.8

CVE-2019-9025

Exploit
  • EPSS 0.59%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:50

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write pas...

7.5

CVE-2018-20783

Exploit
  • EPSS 6.65%
  • Veröffentlicht 21.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:09

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. ...