CVE-2019-9073
- EPSS 1.1%
- Veröffentlicht 24.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:55
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.
CVE-2019-9074
- EPSS 1.57%
- Veröffentlicht 24.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:56
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64....
CVE-2019-9075
- EPSS 1.7%
- Veröffentlicht 24.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:56
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
CVE-2019-9077
- EPSS 1.98%
- Veröffentlicht 24.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:56
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
CVE-2019-9020
- EPSS 10.06%
- Veröffentlicht 22.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:49
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is rel...
CVE-2019-9021
- EPSS 10.06%
- Veröffentlicht 22.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:49
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory ...
CVE-2019-9022
- EPSS 4.19%
- Veröffentlicht 22.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:49
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buff...
CVE-2019-9023
- EPSS 9.32%
- Veröffentlicht 22.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:49
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte ...
CVE-2019-9024
- EPSS 7.12%
- Veröffentlicht 22.02.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:50
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlr...
CVE-2018-20784
- EPSS 4.17%
- Veröffentlicht 22.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:02:10
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.