| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-9675 | 6.8 |
An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a s
|
11-04-2024 - 01:06 | 11-03-2019 - 11:29 | |
| CVE-2019-9641 | 7.5 |
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
|
05-04-2022 - 20:49 | 09-03-2019 - 00:29 | |
| CVE-2019-9640 | 5.0 |
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
|
05-04-2022 - 20:48 | 09-03-2019 - 00:29 | |
| CVE-2019-9639 | 5.0 |
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
|
05-04-2022 - 20:48 | 09-03-2019 - 00:29 | |
| CVE-2019-9638 | 5.0 |
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
|
05-04-2022 - 20:40 | 09-03-2019 - 00:29 | |
| CVE-2019-9023 | 7.5 |
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte
|
18-06-2019 - 18:15 | 22-02-2019 - 23:29 | |
| CVE-2019-9024 | 5.0 |
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlr
|
18-06-2019 - 18:15 | 22-02-2019 - 23:29 | |
| CVE-2019-9021 | 7.5 |
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory
|
18-06-2019 - 18:15 | 22-02-2019 - 23:29 | |
| CVE-2019-9020 | 7.5 |
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is rel
|
18-06-2019 - 18:15 | 22-02-2019 - 23:29 | |
| CVE-2019-9637 | 5.0 |
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename
|
03-06-2019 - 15:29 | 09-03-2019 - 00:29 | |
| CVE-2018-20783 | 5.0 |
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file.
|
22-05-2019 - 15:29 | 21-02-2019 - 19:29 |