Skip to main content
CVE-2019-11037 CRITICAL Act Now

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Buffer Overflow Memory Corruption Imagick
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2019-1804 CRITICAL Act Now

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Nexus 9332Pq Firmware Nexus 93180Yc Ex Firmware Nexus 93128Tx Firmware +10
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2019-11036 CRITICAL Act Now

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Buffer Overflow Information Disclosure Fedora Software Collections +3
NVD
CVSS 3.1
9.1
EPSS
7.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy