35 matches found
CVE-2018-19203
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request...
TencentOS Server 3: oniguruma (TSSA-2024:0077)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0077 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...
Linux Distros Unpatched Vulnerability : CVE-2019-19203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking i...
RHEL 5 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read...
RHEL 6 : oniguruma (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read...
CVE-2019-19203
| creationtimestamp | type | source |
|---|---|---|
| 2024-02-26 10:41:53+00:00 | seen | https://t.me/ctinow/193230... |
AlmaLinux 8 : oniguruma (ALSA-2024:0889)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0889 advisory. - A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or...
Moderate: Red Hat Security Advisory: oniguruma security update
An update for oniguruma is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
oniguruma security update
6.8.2-2.1
- Fix CVE-2019-13224 (Resolves: RHEL-6970)
- Fix CVE-2019-16163 (Resolves: RHEL-9506)
- Fix CVE-2019-19012 (Resolves: RHEL-9511)
- Fix CVE-2019-19203 (Resolves: RHEL-9510)
- Fix CVE-2019-19204 (Resolves: RHEL-9509)...
Moderate: oniguruma security update
Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: Use-after-free in onig_new_deluxe() in regext.c (CVE-2019-13224); oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c (CVE-2019-16163); oniguruma: integer overflow i...
ALSA-2024:0889 Moderate: oniguruma security update
Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: Use-after-free in onig_new_deluxe() in regext.c (CVE-2019-13224); oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c (CVE-2019-16163); oniguruma: integer overflow i...
Moderate: Red Hat Security Advisory: oniguruma security update
An update for oniguruma is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
RHEL 8 : oniguruma (RHSA-2024:0409)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0409 advisory. Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: Use-after-free in...
Ubuntu: Security Advisory (USN-5662-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for oniguruma (SUSE-SU-2022:3327-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2022:3327-1)
The remote host is missing an update for the...
EulerOS 2.0 SP3 : php (EulerOS-SA-2021-2606)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced witho...
CVE-2020-19203
An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wakeonlanwidget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a...
CVE-2020-19203
pfSense WebGUI authenticated XSS (CVE-2020-19203) affects wake_on_lan_widget.php in 2.4.4-p2 and earlier. The widget fails to encode the descr field of wake-on-LAN entries, allowing stored XSS. Affected component: widgets/wake_on_lan_widget.php (pfSense WebGUI). Impact: potential script execution...