Lucene search
K

168 matches found

Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.69 views

PHP 5.6.x < 5.6.7 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.7. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that this...

7.5CVSS9.4AI score0.53166EPSS
Exploits21References10
CNVD
CNVD
added 2018/12/03 12:0 a.m.2 views

Perl heap overflow vulnerability (CNVD-2019-09594)

Perl is a high-level, general-purpose, interpreted, dynamic programming language. A heap overflow vulnerability exists in SgrokbslashN in 'regcomp.c' in Perl 5.26 during compilation, which can be exploited by a remote attacker to obtain sensitive information via a specially crafted regular...

9.1CVSS9.3AI score0.09524EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/04/23 6:51 a.m.4 views

perl: heap write overflow in regcomp.c

A heap buffer write overflow, with control over the bytes written, was found in the way regular expressions employing Unicode rules are compiled. An attacker, with the ability to provide a specially crafted regular expression, could crash the perl interpreter, or possibly execute arbitrary code...

9.8CVSS7.7AI score0.06599EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/04/16 12:0 a.m.49 views

FreeBSD : perl -- multiple vulnerabilities (41c96ffd-29a6-4dcc-9a88-65f5038fa6eb)

perldelta : CVE-2018-6797: heap-buffer-overflow WRITE of size 1 in Sregatom regcomp.c A crafted regular expression could cause a heap buffer write overflow, with control over the bytes written. perl 132227 CVE-2018-6798: Heap-buffer-overflow in Perlbytedumpstring utf8.c Matching a crafted locale...

9.8CVSS7.1AI score0.10866EPSS
Exploits0References6
Prion
Prion
added 2017/09/19 6:29 p.m.22 views

Heap overflow

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

5CVSS8.1AI score0.06207EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/09/19 6:29 p.m.5 views

CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

7.5CVSS5.9AI score0.06207EPSS
Exploits0References11
OSV
OSV
added 2017/09/19 6:29 p.m.3 views

DEBIAN-CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

7.5CVSS8.3AI score0.06207EPSS
Exploits0References1
OSV
OSV
added 2017/09/19 6:29 p.m.3 views

DEBIAN-CVE-2017-12883

Buffer overflow in the SgrokbslashN function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service application crash via a crafted regular expression with an invalid '\NU+...' escape...

9.1CVSS6.9AI score0.05908EPSS
Exploits0References1
OSV
OSV
added 2017/09/19 12:0 a.m.5 views

UBUNTU-CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

7.5CVSS7AI score0.06207EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/11/03 12:0 a.m.7 views

The vulnerability of the library that handles system calls and core functions of glibc allows a attacker to cause a service failure.

The vulnerability of the regcomp implementation in the library that handles system calls and core functions of glibc is related to errors in the code. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure termination of the application by using regular...

5CVSS5.5AI score0.39995EPSS
Exploits12References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/11/03 12:0 a.m.8 views

The vulnerability of the library that handles system calls and core functions of glibc allows a attacker to cause a service failure.

The vulnerability of the regcomp implementation in the library that handles system calls and core glibc functions is related to resource management errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure resource exhaustion through regular expressions containin...

5CVSS5.5AI score0.39995EPSS
Exploits12References14Affected Software1
exploitpack
exploitpack
added 2015/09/22 12:0 a.m.26 views

Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)

Apple Mac OSX Regex Engine TRE - Stack Buffer Overflow PoC Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE support...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/22 12:0 a.m.31 views

Apple Mac OSX Regex Engine (TRE) - Integer Signedness / Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=429 The OS X regex engine function tretnfarunparallel contains the following code: int tbytes; ... if !matchtags numtags = 0; else numtags = tnfa-numtags; ... int rbytes, pbytes, totalbytes; char tmpbuf; / Compute the...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.58 views

Amazon Linux: Security Advisory (ALAS-2015-506)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.42593EPSS
Exploits7References2
RedHat Linux
RedHat Linux
added 2015/06/04 8:6 a.m.6 views

regex: heap overflow in regcomp() on 32-bit architectures

A heap buffer overflow flaw was found in the regcomp function of Henry Spencer's regular expression library. An attacker able to make an application process a specially crafted regular expression pattern with the regcomp function could cause that application to crash and possibly execute arbitrar...

6.8CVSS7.1AI score0.0837EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/06/04 8:2 a.m.6 views

regex: heap overflow in regcomp() on 32-bit architectures

A heap buffer overflow flaw was found in the regcomp function of Henry Spencer's regular expression library. An attacker able to make an application process a specially crafted regular expression pattern with the regcomp function could cause that application to crash and possibly execute arbitrar...

6.8CVSS7.1AI score0.0837EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/05/27 12:0 a.m.49 views

SUSE SLED11 / SLES11 Security Update : MySQL (SUSE-SU-2015:0946-1) (FREAK)

MySQL was updated to version 5.5.43 to fix several security and non security issues : CVEs fixed: CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, CVE-2015-0405, CVE-2015-0423, CVE-2015-0433, CVE-2015-0438, CVE-2015-0439,...

6.8CVSS7.4AI score0.98685EPSS
Exploits1References67
Tenable Nessus
Tenable Nessus
added 2015/05/18 12:0 a.m.44 views

Amazon Linux AMI : php (ALAS-2015-524)

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library aka rxspencer alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a...

6.8CVSS7.8AI score0.0837EPSS
Exploits1References2
Amazon
Amazon
added 2015/05/14 12:0 a.m.45 views

Medium: php

Issue Overview: Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library aka rxspencer alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression...

6.8CVSS8.5AI score0.0837EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/04/17 12:0 a.m.102 views

Amazon Linux AMI : php55 (ALAS-2015-507)

A use-after-free flaw was found in the way PHP's unserialize function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. CVE-2015-0231 An integer overflow flaw,...

7.5CVSS7.7AI score0.42593EPSS
Exploits7References4
Rows per page
Query Builder