Lucene search
K

107 matches found

OSV
OSV
added 2017/07/11 3:29 a.m.5 views

DEBIAN-CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

7.5CVSS6.9AI score0.03102EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 9:59 p.m.2 views

DEBIAN-CVE-2017-7245

Stack-based buffer overflow in the pcre32copysubstring function in pcreget.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service WRITE of size 4 or possibly have unspecified other impact via a crafted file...

7.8CVSS9.4AI score0.02218EPSS
Exploits0References1
OSV
OSV
added 2016/12/13 4:59 p.m.3 views

DEBIAN-CVE-2015-3217

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5CVSS8.8AI score0.06169EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.14 views

pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...

9.8CVSS7.8AI score0.09157EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.7 views

pcre: Buffer overflow caused by duplicate named references (8.38/36)

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS7.5AI score0.05286EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.5 views

pcre: heap buffer overflow in compile_branch()

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

7.8CVSS7AI score0.01575EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.8 views

pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...

7.5CVSS7.4AI score0.03399EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.4 views

pcre: stack overflow caused by mishandled group empty match (8.38/11)

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5CVSS7.4AI score0.06169EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.6 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.06587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.12 views

pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)

PCRE before 8.38 mishandles the /?|\k'Pm'|?'Pm'/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.05623EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.5 views

pcre: Buffer overflow caused by repeated conditional group (8.38/3)

PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS7.4AI score0.06077EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.11 views

pcre: Buffer overflow caused by duplicate named references (8.38/36)

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS7.5AI score0.05286EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.6 views

pcre: buffer overflow caused by patterns with duplicated named groups with (?| (8.38/27)

PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS7.5AI score0.03558EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.7 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.06587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.5 views

pcre: stack overflow caused by mishandled group empty match (8.38/11)

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5CVSS7.4AI score0.06169EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/05/11 1:7 p.m.5 views

pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)

PCRE before 8.38 mishandles the /?|\k'Pm'|?'Pm'/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.05623EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/11 1:7 p.m.5 views

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.4AI score0.06587EPSS
Exploits0References4
OSV
OSV
added 2016/03/29 5:10 p.m.2 views

USN-2943-1 pcre3 vulnerabilities

It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6.8AI score0.09157EPSS
Exploits11References26
CNVD
CNVD
added 2016/03/29 12:0 a.m.43 views

PCRE pcre_jit_compile.c Denial of Service Vulnerability

PCRE is a Perl library that includes a perl-compatible regular expression library. PCRE version 8.35 pcrejitcompile.c fails to properly optimize nested substitutions using table jumps. A remote attacker could utilize the constructed strings to cause a denial of service stack memory corruption...

9.3CVSS9.1AI score0.02351EPSS
Exploits0References1
OSV
OSV
added 2016/03/29 12:0 a.m.4 views

UBUNTU-CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

7.3CVSS7.2AI score0.02351EPSS
Exploits0References3
Rows per page
Query Builder