CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1CVE-2019-11042 – heap-buffer-overflow on exif_process_user_comment in EXIF extension
https://notcve.org/view.php?id=CVE-2019-11042
09 Aug 2019 — When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x an... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1CVE-2019-11041 – heap-buffer-overflow on exif_scan_thumbnail in EXIF extension
https://notcve.org/view.php?id=CVE-2019-11041
09 Aug 2019 — When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x an... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8582 – Apple macOS CoreText Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8582
24 Jul 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iCloud para Windows versión 7.12, tvOS versión 12.3, iT... • https://support.apple.com/en-us/HT210118 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8695 – Apple macOS Grapher Memory Corruption Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8695
23 Jul 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8693
https://notcve.org/view.php?id=CVE-2019-8693
23 Jul 2019 — A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-125: Out-of-bounds Read •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8692 – Apple macOS AMDRadeonX4000 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8692
23 Jul 2019 — A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8667
https://notcve.org/view.php?id=CVE-2019-8667
23 Jul 2019 — An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect. Un problema de interfaz de usuario inconsistente fue abordado con una gestión de estado mejorada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8691 – Apple macOS AMDRadeonX4000_AMDSIGLContext RsrcAndXorByteFlag Out-Of-Bounds Read Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8691
23 Jul 2019 — A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8697 – Apple macOS diskmanagementd Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8697
23 Jul 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8694
https://notcve.org/view.php?id=CVE-2019-8694
23 Jul 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-787: Out-of-bounds Write •