Search CVE reports

Toggle filters

101 – 110 of 259 results

CVE-2018-19518

Medium priority

Some fixes available 9 of 10

University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function...

6 affected packages

php-imap, php5, php7.0, php7.2, php7.3, uw-imap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php-imap Not in release Not in release Not in release
php5 Not in release Not in release Not in release
php7.0 Not in release Not in release Not in release
php7.2 Not in release Not in release Fixed
php7.3 Not in release Not in release Not in release
uw-imap Not affected Not affected Fixed
Show less packages

CVE-2018-19396

Medium priority
Not affected

ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not affected
Show less packages

CVE-2018-19395

Medium priority
Not affected

ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get...

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not affected
Show less packages

CVE-2018-17082

Medium priority
Fixed

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the...

3 affected packages

php7.2, php5, php7.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php7.2 Fixed
php5 Not in release
php7.0 Not in release
Show less packages

CVE-2018-15879

Medium priority
Fixed

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All...

5 affected packages

libgd2, php5, php7.0, php7.2, php7.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libgd2 Fixed
php5 Not in release
php7.0 Not in release
php7.2 Not affected
php7.3 Not in release
Show less packages

CVE-2018-15878

Medium priority
Fixed

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All...

5 affected packages

libgd2, php5, php7.0, php7.2, php7.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libgd2 Fixed
php5 Not in release
php7.0 Not in release
php7.2 Not affected
php7.3 Not in release
Show less packages

CVE-2018-15132

Medium priority
Not affected

An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be...

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not affected
Show less packages

CVE-2018-14884

Medium priority
Not affected

An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c...

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Not affected
Show less packages

CVE-2018-14883

Medium priority
Fixed

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Fixed
Show less packages

CVE-2018-14851

Low priority
Fixed

exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application...

3 affected packages

php5, php7.0, php7.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
php5 Not in release
php7.0 Not in release
php7.2 Fixed
Show less packages
  1. Previous page
  2. 9
  3. 10
  4. 11
  5. 12
  6. 13
  7. Next page
Export to JSON