Vulnerabilities > PHP > PHP > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-25 CVE-2019-19246 Out-of-bounds Read vulnerability in multiple products
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. 		7.5
7.5
2019-08-09 CVE-2019-11042 Out-of-bounds Read vulnerability in multiple products
When PHP EXIF extension is parsing EXIF information from an image, e.g. 		7.1
7.1
2019-08-09 CVE-2019-11041 Out-of-bounds Read vulnerability in multiple products
When PHP EXIF extension is parsing EXIF information from an image, e.g. 		7.1
7.1
2019-03-11 CVE-2019-9675 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3.
network
high complexity
php canonical opensuse CWE-119
8.1
8.1
2019-03-09 CVE-2019-9641 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-908
7.5
7.5
2019-02-22 CVE-2019-9025 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in PHP 7.3.x before 7.3.1.
network
low complexity
php netapp CWE-119
7.5
7.5
2019-02-22 CVE-2019-9023 Out-of-bounds Read vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
7.5
2019-02-22 CVE-2019-9021 Out-of-bounds Read vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
7.5
2019-02-22 CVE-2019-9020 Use After Free vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-416
7.5
7.5
2019-01-27 CVE-2019-6977 Out-of-bounds Write vulnerability in multiple products
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow.
network
low complexity
libgd php debian canonical netapp CWE-787
8.8
8.8