CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2019-11044 – link() silently truncates after a null byte on Windows
https://notcve.org/view.php?id=CVE-2019-11044
23 Dec 2019 — In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. En PHP versiones 7.2.x por debajo de 7.2.26, versiones 7.3.x por debajo de 7.3.13 y 7.4.0 en Windows, la función PHP link() acepta nombres de archivo con /0 byte insertado y los trata como terminando en ese byte. ... • https://bugs.php.net/bug.php?id=78862 • CWE-170: Improper Null Termination •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-19246 – oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
https://notcve.org/view.php?id=CVE-2019-19246
25 Nov 2019 — Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. Oniguruma versiones hasta 6.9.3, como es usado en PHP versión 7.3.x y otros productos, presenta una lectura excesiva de búfer en la región heap de la memoria en la función str_lower_case_match en el archivo regexec.c. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execu... • https://bugs.php.net/bug.php?id=78559 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 96%CPEs: 11EXPL: 27CVE-2019-11043 – PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2019-11043
24 Oct 2019 — In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. En PHP versiones 7.1.x anteriores a la versión 7.1.33, versiones 7.2.x anteriores a la versión 7.2.24 y versiones 7.3.x anteriores a 7.3.11, en ciertas configuraciones del FPM setup, es posible causar que el módulo FPM escrib... • https://packetstorm.news/files/id/154974 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1CVE-2019-11042 – heap-buffer-overflow on exif_process_user_comment in EXIF extension
https://notcve.org/view.php?id=CVE-2019-11042
09 Aug 2019 — When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x an... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1CVE-2019-11041 – heap-buffer-overflow on exif_scan_thumbnail in EXIF extension
https://notcve.org/view.php?id=CVE-2019-11041
09 Aug 2019 — When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x an... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-13224 – oniguruma: Use-after-free in onig_new_deluxe() in regext.c
https://notcve.org/view.php?id=CVE-2019-13224
10 Jul 2019 — A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. Un uso de memoria previamente liberada en la función onig_new_deluxe() e... • https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 25EXPL: 5CVE-2019-11038 – Uninitialized read in gdImageCreateFromXbm
https://notcve.org/view.php?id=CVE-2019-11038
18 Jun 2019 — When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. Cuando se usa la función gdImageCreateFromXbm () en la Biblioteca de gráficos GD (también conocida como LibGD) 2.... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 1CVE-2019-11039 – Out-of-bounds read in iconv.c
https://notcve.org/view.php?id=CVE-2019-11039
05 Jun 2019 — Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash. La función iconv_mime_decode_headers () en las versiones de PHP 7.1.x por debajo de 7.1.30, 7.2.x por debajo de 7.2.19 y 7.3.x por debajo de 7.3.6 puede realizar una lectura fuera del búfer debido al desbordamiento de enteros al analizar los encabezados MIME. Esto p... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 1%CPEs: 8EXPL: 1CVE-2019-11040 – Heap buffer overflow in EXIF extension
https://notcve.org/view.php?id=CVE-2019-11040
05 Jun 2019 — When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión PHP EXIF ??está analizando la información EXIF ??de una imagen, por ejemplo. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 1%CPEs: 19EXPL: 0CVE-2019-11036 – Heap over-read in PHP EXIF extension
https://notcve.org/view.php?id=CVE-2019-11036
03 May 2019 — When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. Al procesar ciertos archivos, la extensión PHP EXIF en las versiones 7.1.x anteriores a 7.1.29, 7.2.x anteriores a 7.2.18 y 7.3.x anteriores a 7.3.5, puede hacer que se lea el búfer asignado en la función exif_process_IFD_TAG. Esto puede conducir a la revelació... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •