8493 matches found
CVE-2004-2590
Unspecified vulnerability in meindlSOFT Cute PHP Library aka cphplib 0.46 has unknown impact and attack vectors, related to regular expressions...
FreeIPS 1.0 Protected Service - Denial of Service
FreeIPS 1.0 Protected Service - Denial of Service / source: https://www.securityfocus.com/bid/10541/info It is reported that FreeIPS is susceptible to a denial of service vulnerability. FreeIPS scans TCP connections for particular strings, defined by regular expressions. If a packet matches the...
security flaw
Multiple stack-based buffer overflows in 1 modalias and 2 modrewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service crash or execute arbitrary code via a regular expression with more than 9 captures...
Apache local buffer overflow
Buffer overflow on parsing regular expressions in .htaccess...
Security hole in MatrikzGB
Security hole in MatrikzGB Guestbook 15/8/2003 Vulnerable Versions: Version 2.0 and prior Version 3 not tested Summary: MatrikzGB was written by Thomas Hempel for www.onsite.org. A bug in index.php allows a user with a regular user account to give administrator rights to himself. Details: The bug...
Apache Httpd < 1.3.29 : Local configuration regular expression overflow
By using a regular expression with more than 9 captures a buffer overflow can occur in modalias or modrewrite. To exploit this an attacker would need to be able to create a carefully crafted configuration file .htaccess or httpd.conf...
Apache Httpd < 2.0.48 : Local configuration regular expression overflow
By using a regular expression with more than 9 captures a buffer overflow can occur in modalias or modrewrite. To exploit this an attacker would need to be able to create a carefully crafted configuration file .htaccess or httpd.conf...
CVE-2002-2175
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username...
Apache web server performs case sensitive filtering on Mac OS X HFS+ case insensitive filesystem
Overview The Apache 1.3.14 web server's file access protection scheme can be bypassed for the Mac OS X HFS+ filesystem. Description The Apache web server's file access protection scheme i.e., file request "filtering" assumes that the filesystem being protected is case sensitve. For example, in a...
CVE-2000-0115
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page...
PT-2005-5614 · Pcre +2 · Pcre-32Bit +4
Name of the Vulnerable Software and Affected Versions: pcre-32bit versions affected versions not specified pcre versions affected versions not specified pcre-devel versions affected versions not specified Description: The issue concerns multiple vulnerabilities in the pcre package of the SUSE Lin...
CVE-2026-45756: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits: ReDoS
More info at https://symfony.com/cve-2026-45756...
CVE-2026-45756: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits: ReDoS
More info at https://symfony.com/cve-2026-45756...