Lucene search
K

21 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a buffer overflow issue based on the heap mechanism...

7.5CVSS6.9AI score0.06889EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : php:7.3 (AXSA:2020-779:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-779:01 advisory. php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer over-read in exifreaddata CVE-2019-11040 php:...

9.8CVSS7.9AI score0.08888EPSS
Exploits19References23
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 7 : php-5.4.16-48.0.11.el7.AXS7 (AXSA:2025-10916:10)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10916:10 advisory. CVE-2017-9224: fix out-of-bounds read of a stack in matchat function CVE-2017-9226: fix out-of-bounds write or read of a heap in nextstateval...

9.8CVSS7.2AI score0.07511EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.6 views

TencentOS Server 3: oniguruma (TSSA-2024:0077)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0077 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS8.4AI score0.10539EPSS
Exploits6References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18163

Malware in sbrugna...

9.8CVSS9.2AI score0.0308EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8872

Malware in sbrugna...

7.5CVSS6.5AI score0.02942EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.0 views

EUVD-2017-18164

Malware in sbrugna...

9.8CVSS7.1AI score0.07511EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-18165

Malware in sbrugna...

9.8CVSS7.6AI score0.06265EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4737

Malware in sbrugna...

9.8CVSS6.8AI score0.04047EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-6983

Malware in sbrugna...

7.5CVSS6.4AI score0.02752EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-4738

Malware in sbrugna...

6.5CVSS6.2AI score0.02129EPSS
Exploits0References11
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/08 7:1 a.m.6 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in oniguruma 6.9.6-1.el9.6

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of oniguruma 6.9.6-1.el9.6 Vulnerability Details CVEID:CVE-2019-16163 DESCRIPTION: Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. CWE:CWE-674: Uncontrolled Recursion CVSS Sourc...

7.5CVSS6.5AI score0.02752EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0070: oniguruma (ALINUX3-SA-2022:0070)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0070 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-13225: A NULL Pointer Dereference in match...

6.5CVSS7.2AI score0.02129EPSS
Exploits0References2
Amazon
Amazon
added 2023/12/04 12:0 a.m.8 views

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state...

9.8CVSS8.2AI score0.06261EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-19203

An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030mbcenclen in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read...

7.5CVSS7.1AI score0.04052EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.3 views

SUSE CVE-2019-19204

An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read...

7.5CVSS9.5AI score0.06889EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2022/11/06 12:0 a.m.4 views

PT-2022-36747 · Git +1 · Oniguruma

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions gbNUMBER mbc enc len, onigenc mbn mbc to code, and gbNUMBER mbc t...

6.9AI score
Exploits0References2
OSV
OSV
added 2019/11/17 6:15 p.m.1 views

DEBIAN-CVE-2019-19012

An integer overflow in the searchinrange function in regexec.c in Oniguruma 6.x before 6.9.4rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. This only affects the 32-bit compiled version. Remote attackers can cause a denial-of-service or...

9.8CVSS7.4AI score0.10539EPSS
Exploits3References1
CNVD
CNVD
added 2017/05/26 12:0 a.m.2 views

Oniguruma Denial of Service Vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Ruby's Oniguruma-mod and PHP's...

7.5CVSS6.9AI score0.05129EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/26 12:0 a.m.12 views

Oniguruma 'onigenc_unicode_get_case_fold_codes_by_str()' function stack buffer overflow vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A stack buffer overflow vulnerability exists in the...

9.8CVSS7.2AI score0.0308EPSS
Exploits1References1
Rows per page
Query Builder