UBUNTU-CVE-2020-23308

There is an Assertion 'contextp-stacktopuint8 == LEXEREXPRESSIONSTART' at js-parser-expr.c:3565 in parserparseexpression in JerryScript 2.2.0...

JerryScript 代码问题漏洞

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in parserparseexpression in js-parser-expr.c:3565 in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

Denial Of Service (DoS)

openJDK is vulnerable to denial of service. The vulnerability exists through incorrect handling of empty string nodes in regular expression Parser which allows an attacker to cause an application crash...

Arbitrary Code Execution

php56 is vulnerable to arbitrary code execution. The vulnerability exists due to a flaw in the regular expression parser...

ALPINE-CVE-2018-20712

A heap-based buffer over-read exists in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt...

RHEL 5 : nspr and nss (RHSA-2009:1207)

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for...

postgresql: tempory DoS caused by slow regex NFA cleanup

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...

Critical: Red Hat Security Advisory: nspr and nss security update

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for...

Multiple Products NSS Library Buffer Overflow Vulnerability

This host is installed with Firefox or Thunderbird or SeaMonkey or Evolution or Pidgin or AOL Instant Messenger Products which is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmultprdtsnsslibbofvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Multiple Products NSS Library...

nss regexp heap overflow

Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services NSS before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger AIM, allows remote SSL servers to cause a denial of service application crash or possibly...

Critical: Red Hat Security Advisory: nspr and nss security and bug fix update

Updated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime NSPR provides platform independence for non-GUI operati...

Ubuntu Update for postgresql vulnerabilities USN-568-1

Ubuntu Update for Linux kernel vulnerabilities USN-568-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5681.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postgresql vulnerabilities USN-568-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : postgresql vulnerabilities (USN-568-1)

Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. CVE-2007-3278, CVE-2007-6601 It was discovered that the TCL regular expression parser used by...

Out-of-bounds

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service backend crash via an out-of-bounds backref number...

Design/Logic Flaw

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...

CVE-2007-4769

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service backend crash via an out-of-bounds backref number...

CVE-2007-4772

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service infinite loop via a crafted regular expression...

CVE-2007-6067

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...

CVE-2007-4769

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service backend crash via an out-of-bounds backref number...

CVE-2007-6067

CVE-2007-6067 is an algorithmic complexity vulnerability in the TCL regular expression parser up to version 8.4.17, used by PostgreSQL 8.2/8.1/8.0/7.4 series. A crafted complex regex with doubly-nested states can be used by remote authenticated users to cause a denial of service via memory consum...