Php

Php

714 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2019-9675

  • EPSS 0.55%
  • Veröffentlicht 11.03.2019 11:29:12
  • Zuletzt bearbeitet 21.11.2024 04:52:05

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a s...

7.5

CVE-2019-9637

  • EPSS 12.42%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename ...

7.5

CVE-2019-9638

Exploit
  • EPSS 17.42%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.

7.5

CVE-2019-9639

Exploit
  • EPSS 18%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

7.5

CVE-2019-9640

Exploit
  • EPSS 16.24%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:01

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.

9.8

CVE-2019-9641

Exploit
  • EPSS 52.08%
  • Veröffentlicht 09.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:02

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

9.8

CVE-2019-9020

Exploit
  • EPSS 3.1%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is rel...

9.8

CVE-2019-9021

Exploit
  • EPSS 30.03%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory ...

7.5

CVE-2019-9022

Exploit
  • EPSS 8.19%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buff...

9.8

CVE-2019-9023

Exploit
  • EPSS 11.52%
  • Veröffentlicht 22.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:49

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte ...