Lucene search
K

204 matches found

OSV
OSV
added 2020/02/14 2:15 p.m.3 views

DEBIAN-CVE-2019-20454

An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. T...

7.5CVSS6.2AI score0.01561EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/07/28 12:0 a.m.10 views

PT-2019-6339 · Pcre +7 · Pcre +7

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 10.34 Description: An out-of-bounds read was discovered in PCRE when the pattern X is JIT compiled and used to match specially crafted subjects in non-UTF mode. This issue affects applications that use PCRE to parse...

9.8CVSS6.4AI score0.08888EPSS
Exploits19References207
OSV
OSV
added 2019/03/21 3:59 p.m.3 views

DEBIAN-CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5CVSS7.1AI score0.00524EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2018/08/16 4:6 p.m.7 views

pcre: stack-based buffer overflow write in pcre32_copy_substring

Stack-based buffer overflow in the pcre32copysubstring function in pcreget.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service WRITE of size 4 or possibly have unspecified other impact via a crafted file...

7.8CVSS7.7AI score0.02218EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.7 views

The vulnerability of the PCRE library in the Mac OS X operating system allows a hacker to cause a service failure or exert other effects.

Vulnerability of the PCRE library in the Mac OS X operating system. Exploiting this vulnerability can allow a malicious actor to cause service failure application termination or have other adverse effects...

10CVSS7.8AI score0.02925EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/07/11 3:29 a.m.4 views

ALPINE-CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

7.5CVSS6.9AI score0.03102EPSS
Exploits0References1
OSV
OSV
added 2017/07/11 3:29 a.m.5 views

DEBIAN-CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

7.5CVSS6.9AI score0.03102EPSS
Exploits0References1
Fedora
Fedora
added 2017/04/22 9:24 a.m.31 views

[SECURITY] Fedora 25 Update: pcre2-10.23-6.fc25

PCRE2 is a re-working of the original PCRE Perl-compatible regular expression library to provide an entirely new API. PCRE2 is written in C, and it has its own API. There are three sets of functions, one for the 8-bit library, which processes strings of bytes, one for the 16-bit library, which...

7.5CVSS2.1AI score0.05033EPSS
Exploits0
CNVD
CNVD
added 2017/03/28 12:0 a.m.11 views

PCRE 'pcre32_copy_substring' function buffer overflow vulnerability (CNVD-2017-04912)

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A buffer overflow vulnerability exists in the 'pcre32copysubstring' function in the pcreget.c file of libpcre1 in PCRE version 8.40. A...

7.8CVSS9.7AI score0.02598EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 9:59 p.m.2 views

ALPINE-CVE-2017-7244

The pcre32xclass function in pcrexclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service invalid memory read via a crafted file...

5.5CVSS6.7AI score0.01995EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 9:59 p.m.1 views

DEBIAN-CVE-2017-7245

Stack-based buffer overflow in the pcre32copysubstring function in pcreget.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service WRITE of size 4 or possibly have unspecified other impact via a crafted file...

7.8CVSS9.4AI score0.02218EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/24 12:0 a.m.5 views

PCRE 'compile_bracket_matchingpath()' Function Denial of Service Vulnerability

PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. PCRE suffers from a denial of service vulnerability. An attacker could exploit this vulnerability to cause a denial of service or execute...

7.5CVSS9.5AI score0.04546EPSS
Exploits0References1
OSV
OSV
added 2017/02/16 11:59 a.m.4 views

UBUNTU-CVE-2017-6004

The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression...

7.5CVSS7.2AI score0.04546EPSS
Exploits0References3
OSV
OSV
added 2016/12/13 4:59 p.m.3 views

DEBIAN-CVE-2015-3217

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5CVSS8.8AI score0.06169EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.14 views

pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...

9.8CVSS7.8AI score0.09157EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.7 views

pcre: Buffer overflow caused by duplicate named references (8.38/36)

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS7.5AI score0.05286EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.7 views

pcre: Buffer overflow caused by duplicate named references (8.38/36)

PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and...

7.5CVSS7.4AI score0.03543EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.4 views

pcre: stack overflow caused by mishandled group empty match (8.38/11)

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

7.5CVSS7.4AI score0.06169EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.5 views

pcre: heap buffer overflow in compile_branch()

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

7.8CVSS7AI score0.01575EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.8 views

pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...

7.5CVSS7.4AI score0.03399EPSS
Exploits0References4
Rows per page
Query Builder