CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 1CVE-2019-9024 – php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
https://notcve.org/view.php?id=CVE-2019-9024
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.40, versiones 7.x anteriores a la 7.1.26, versiones 7.2.x anteriores a la 7.2.14 y versiones 7.3.x anteriores a la 7.3.1. xmlrpc_decode() puede permitir que un servidor XMLRPC hostil provoque que la memoria PHP lea memoria más allá de las áreas asignadas en base64_decode_xmlrpc en ext/xmlrpc/libxmlrpc/base64.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html http://www.securityfocus.com/bid/107156 https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=77380 https://security& • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 1CVE-2019-9021 – php: Heap-based buffer over-read in PHAR reading functions
https://notcve.org/view.php?id=CVE-2019-9021
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.40, versiones 7.x anteriores a la 7.1.26, versiones 7.2.x anteriores a la 7.2.14 y versiones 7.3.x anteriores a la 7.3.1. Una sobrelectura de búfer basada en memoria dinámica (heap) en las funciones de lectura PHAR en la extensión PHAR podría permitir que un atacante lea memoria asignada o no asignada más allá de los datos reales al intentar analizar el nombre de archivo. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html http://www.securityfocus.com/bid/106747 http://www.securityfocus.com/bid/107156 https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php&# • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 2CVE-2019-9020 – php: Invalid memory access in function xmlrpc_decode()
https://notcve.org/view.php?id=CVE-2019-9020
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c. Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.40, versiones 7.x anteriores a la 7.1.26, versiones 7.2.x anteriores a la 7.2.14 y versiones 7.3.x anteriores a la 7.3.1. Las entradas inválidas en la función xmlrpc_decode() pueden conducir a un acceso inválido a la memoria (lectura de memoria dinámica o heap fuera de límites o lectura de memoria previamente liberada). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html http://www.securityfocus.com/bid/107156 https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=77242 https://bugs. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20783 – php: Buffer over-read in PHAR reading functions
https://notcve.org/view.php?id=CVE-2018-20783
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c. En PHP, en versiones anteriores a la 5.6.39, en las versiones 7.x anteriores a la 7.1.25 y en las 7.2.x anteriores a la 7.2.13, una sobrelectura de búfer en las funciones de lectura PHAR podría permitir a un atacante leer la memoria, ya sea asignada o no, posterior a los datos actuales durante el análisis de un archivo .phar. Esto está relacionado con phar_parse_pharfile en ext/phar/phar.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug. • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-3812
https://notcve.org/view.php?id=CVE-2019-3812
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. QEMU, hasta la versión 2.10 y la 3.1.0, es vulnerable a una lectura fuera de límites de hasta 128 bytes en la función hw/i2c/i2c-ddc.c:i2c_ddc(). Un atacante local con permisos para ejecutar comandos i2c podría aprovechar este hecho para leer la memoria de pila del proceso qemu en el host. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html http://www.securityfocus.com/bid/107059 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7 https://seclists.org/bugtraq&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •