Lucene search
K

107 matches found

osv
osv
added 2015/12/01 12:0 a.m.6 views

UBUNTU-CVE-2015-8383

PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS7.2AI score0.06077EPSS
Exploits0References5
osv
osv
added 2015/12/01 12:0 a.m.4 views

UBUNTU-CVE-2015-8392

PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS7.4AI score0.03558EPSS
Exploits0References5
osv
osv
added 2015/12/01 12:0 a.m.6 views

UBUNTU-CVE-2015-8385

PCRE before 8.38 mishandles the /?|\k'Pm'|?'Pm'/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.2AI score0.05623EPSS
Exploits0References5
osv
osv
added 2015/12/01 12:0 a.m.6 views

UBUNTU-CVE-2015-8394

PCRE before 8.38 mishandles the ? and ?R conditions, which allows remote attackers to cause a denial of service integer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS7.2AI score0.04815EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2015/12/01 12:0 a.m.4 views

PT-2015-7793 · Philip Hazel +2 · Pcre +2

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue concerns the mishandling of the -q option for binary files by pcregrep in PCRE, potentially allowing remote attackers to obtain sensitive information via a crafted file. This could be exploit...

9.8CVSS7AI score0.09157EPSS
Exploits12References122
ptsecurity
ptsecurity
added 2015/12/01 12:0 a.m.7 views

PT-2015-7790 · Pcre +4 · Pcre +4

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue allows remote attackers to cause a denial of service infinite recursion or possibly have unspecified other impact via a crafted regular expression, such as the /?:|a|100x/ pattern and related...

9.8CVSS8AI score0.09157EPSS
Exploits12References123
ptsecurity
ptsecurity
added 2015/12/01 12:0 a.m.4 views

PT-2015-7784 · Philip Hazel +2 · Pcre +2

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue concerns the mishandling of certain repeated conditional groups in regular expressions, which can be exploited by remote attackers to cause a denial of service buffer overflow or possibly hav...

9.8CVSS7.7AI score0.09157EPSS
Exploits12References123
osv
osv
added 2015/12/01 12:0 a.m.6 views

UBUNTU-CVE-2015-8388

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.2AI score0.06587EPSS
Exploits0References5
osv
osv
added 2015/07/29 4:36 p.m.4 views

USN-2694-1 pcre3 vulnerabilities

Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2014-8964...

9.8CVSS6.8AI score0.09157EPSS
Exploits4References6
cnvd
cnvd
added 2015/06/24 12:0 a.m.4 views

PCRE 'compile_branch()' function heap buffer overflow vulnerability

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. PCRE suffers from a heap buffer overflow vulnerability in compilebranch. This vulnerability allows an attacker to execute arbitrary code i...

7.8CVSS8.2AI score0.01575EPSS
Exploits1References1
cnvd
cnvd
added 2015/06/05 12:0 a.m.7 views

PCRE 'compile_regex()' Buffer Overflow Vulnerability

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A buffer overflow vulnerability exists in PCRE 'compileregex'. This allows attackers to exploit the vulnerability to execute arbitrary cod...

9.8CVSS8AI score0.09157EPSS
Exploits1References1
osv
osv
added 2015/06/01 12:0 a.m.3 views

UBUNTU-CVE-2015-3210

Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...

9.8CVSS7.8AI score0.09157EPSS
Exploits1References4
osv
osv
added 2015/04/01 12:0 a.m.5 views

UBUNTU-CVE-2015-2326

The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...

5.5CVSS6.8AI score0.01592EPSS
Exploits1References4
osv
osv
added 2015/04/01 12:0 a.m.5 views

UBUNTU-CVE-2015-2325

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

7.8CVSS6.8AI score0.01575EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2014/12/16 12:0 a.m.13 views

PT-2014-8764 · Philip Hazel +6 · Pcre +6

Name of the Vulnerable Software and Affected Versions: PCRE versions 8.36 and earlier Description: A heap-based buffer overflow issue allows remote attackers to cause a denial of service crash or have other unspecified impact via a crafted regular expression, related to an assertion that allows...

9.8CVSS7.7AI score0.9986EPSS
Exploits14References209
osv
osv
added 2012/06/27 9:55 p.m.5 views

DEBIAN-CVE-2011-4957

The makeclickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service crash via a comment with a crafted URL that triggers many recursive calls...

5CVSS6.7AI score0.03155EPSS
Exploits0References1
redhat
redhat
added 2007/12/18 11:52 p.m.6 views

: pcre before 7.3 incorrect unicode in char class optimization

Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...

6.8CVSS6.4AI score0.04097EPSS
Exploits0References4
osv
osv
added 2007/12/03 8:46 p.m.3 views

DEBIAN-CVE-2006-7225

Perl-Compatible Regular Expression PCRE library before 6.7 allows context-dependent attackers to cause a denial of service error or crash via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a sequence...

4.3CVSS6.4AI score0.01604EPSS
Exploits0References1
redhat
redhat
added 2007/11/29 2:58 p.m.3 views

pcre integer overflow

Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...

6.8CVSS6.3AI score0.03661EPSS
Exploits0References4
redhat
redhat
added 2007/11/29 2:56 p.m.6 views

pcre regular expression flaws

Perl-Compatible Regular Expression PCRE library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code...

6.8CVSS6.3AI score0.04077EPSS
Exploits0References4
Rows per page
Query Builder