Lucene search
+L

109 matches found

cnvd
cnvd
added 2016/03/29 12:0 a.m.43 views

PCRE pcre_jit_compile.c Denial of Service Vulnerability

PCRE is a Perl library that includes a perl-compatible regular expression library. PCRE version 8.35 pcrejitcompile.c fails to properly optimize nested substitutions using table jumps. A remote attacker could utilize the constructed strings to cause a denial of service stack memory corruption...

9.3CVSS9.1AI score0.02351EPSS
Exploits0References1
osv
osv
added 2016/03/29 12:0 a.m.5 views

UBUNTU-CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

7.3CVSS7.2AI score0.02351EPSS
Exploits0References3
cnvd
cnvd
added 2016/03/19 12:0 a.m.3 views

PCRE and PCRE2 'compile_branch' function denial of service vulnerability

PCRE is an open source regular expression library written in C. PCRE2 is an API for modifying PCRE. The 'compilebranch' function of PCRE and PCRE2 failed to properly handle regular expressions containing 'ACCEPT' substrings and nested parentheses. A remote attacker submitting a specially crafted...

9.8CVSS9.6AI score0.0843EPSS
Exploits1References1
osv
osv
added 2016/03/17 11:59 p.m.7 views

DEBIAN-CVE-2016-3191

The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based...

9.8CVSS9.2AI score0.0843EPSS
Exploits1References1
osv
osv
added 2016/01/02 12:0 a.m.6 views

UBUNTU-CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS7.4AI score0.07791EPSS
Exploits1References4
osv
osv
added 2015/12/02 1:59 a.m.2 views

DEBIAN-CVE-2015-8394

PCRE before 8.38 mishandles the ? and ?R conditions, which allows remote attackers to cause a denial of service integer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS8.8AI score0.04815EPSS
Exploits0References1
osv
osv
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-8388

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS9.3AI score0.06587EPSS
Exploits0References1
osv
osv
added 2015/12/02 1:59 a.m.2 views

DEBIAN-CVE-2015-8386

PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...

9.8CVSS9.3AI score0.07059EPSS
Exploits0References1
osv
osv
added 2015/12/02 1:59 a.m.4 views

DEBIAN-CVE-2015-8385

PCRE before 8.38 mishandles the /?|\k'Pm'|?'Pm'/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS9.3AI score0.05623EPSS
Exploits0References1
osv
osv
added 2015/12/02 1:59 a.m.1 views

DEBIAN-CVE-2015-8383

PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS8.8AI score0.06077EPSS
Exploits0References1
osv
osv
added 2015/12/02 1:59 a.m.4 views

DEBIAN-CVE-2015-8381

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS8.8AI score0.05286EPSS
Exploits1References1
osv
osv
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-8380

The pcreexec function in pcreexec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...

7.5CVSS9.4AI score0.04436EPSS
Exploits1References1
osv
osv
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-2328

PCRE before 8.36 mishandles the /?Ra|?1+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS9.3AI score0.05244EPSS
Exploits1References1
osv
osv
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-2327

PCRE before 8.36 mishandles the /a\2|a\g/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...

7.5CVSS8.7AI score0.04049EPSS
Exploits1References1
cnvd
cnvd
added 2015/12/02 12:0 a.m.4 views

PCRE Denial of Service Vulnerability (CNVD-2015-07884)

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A security vulnerability exists in PCRE versions prior to 8.38, which stems from the program's failure to properly handle the '/? :|a|100x...

9.8CVSS9.3AI score0.03887EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/02 12:0 a.m.4 views

PCRE Denial of Service Vulnerability (CNVD-2015-07889)

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A security vulnerability exists in PCRE versions prior to 8.38, which stems from the program's failure to properly handle '? ' and '? R'...

9.8CVSS9.2AI score0.04815EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/02 12:0 a.m.4 views

PCRE Denial of Service Vulnerability (CNVD-2015-07877)

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A security vulnerability exists in PCRE versions prior to 8.38, which stems from the program's failure to properly handle repeated...

9.8CVSS9.1AI score0.06077EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/02 12:0 a.m.4 views

PCRE2 and PCRE Denial of Service Vulnerabilities

PCRE Perl Compatible Regular Expressions and PCRE2 are both products developed by software developer Philip Hazel. The former is an open source regular expression library written in C, and the latter is an API for modifying PCRE. A security vulnerability in the 'compileregex' function in the...

7.5CVSS9.3AI score0.05286EPSS
Exploits1References1
cnvd
cnvd
added 2015/12/02 12:0 a.m.4 views

PCRE Denial of Service Vulnerability (CNVD-2015-07883)

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A security vulnerability exists in PCRE versions prior to 8.38, which stems from the program's failure to properly handle '/? =di? =?1|? =...

7.5CVSS9.2AI score0.06587EPSS
Exploits0References1
osv
osv
added 2015/12/01 12:0 a.m.4 views

UBUNTU-CVE-2015-8386

PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...

9.8CVSS7.2AI score0.07059EPSS
Exploits0References5
Rows per page
Query Builder