Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2021/11/15 12:0 a.m.5 views

PT-2021-5546 · Busybox +5 · Busybox +5

Name of the Vulnerable Software and Affected Versions: Busybox affected versions not specified Description: A use-after-free issue in Busybox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the next input file function. This could...

9.8CVSS7.3AI score0.32919EPSS
Exploits23References207
RedHat Linux
RedHat Linux
added 2021/05/18 1:26 p.m.6 views

perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS

Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection...

8.6CVSS6.9AI score0.04879EPSS
Exploits0References4
wpexploit
wpexploit
added 2021/01/28 12:0 a.m.126 views

Super Forms < 4.9.703 - Unauthenticated PHP File Upload to RCE

The plugin uses the jQuery File Upload library, but does not properly ensure that PHP files are forbidden. Note: Exploitation of the issue is not as easy as the original advisory in the references states. If a form from the plugin with an upload field is present on the blog, and is used to upload...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/02/26 12:0 a.m.6 views

PT-2019-19426

Name of the Vulnerable Software and Affected Versions GNU C Library aka glibc or libc6 versions prior to 2.30 Description The issue is related to Uncontrolled Recursion in the check dst limits calc pos 1 function in posix/regexec.c. This can be demonstrated by using a crafted pattern '|11' in gre...

7.5CVSS7.2AI score0.02447EPSS
Exploits1References10
OSV
OSV
added 2017/04/21 8:59 p.m.3 views

DEBIAN-CVE-2016-9954

The backtrack compilation code in the Irregex package aka IrRegular Expressions before 0.9.6 for Scheme allows remote attackers to cause a denial of service memory consumption via a crafted regular expression with a repeating pattern...

7.5CVSS7AI score0.02402EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/05/26 8:35 a.m.10 views

pcre: Buffer overflow caused by duplicate named references (8.38/36)

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS7.5AI score0.05286EPSS
Exploits1References4
OSV
OSV
added 2015/12/02 1:59 a.m.3 views

DEBIAN-CVE-2015-8381

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS8.8AI score0.05286EPSS
Exploits1References1
OSV
OSV
added 2015/12/01 12:0 a.m.5 views

UBUNTU-CVE-2015-8381

The compileregex function in pcrecompile.c in PCRE before 8.38 and pcre2compile.c in PCRE2 before 10.2x mishandles the /?J:?|:?|?'R'\k'R'|?'R'H'Rk'Rf|s?'R'/ and /?J:?|:?|?'R'\z?|?'R'\k'R'|?'R'k'R'|?'R'H'Ak'Rf|s?'R'/ patterns, and related patterns with certain group references, which allows remote...

7.5CVSS7.4AI score0.05286EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2015/12/01 12:0 a.m.3 views

PT-2015-7791 · Php Community +2 · Pcre +2

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue concerns how PCRE handles the : and substrings in character classes. This mishandling allows remote attackers to cause a denial of service due to an uninitialized memory read or possibly have...

9.8CVSS7.7AI score0.09157EPSS
Exploits12References123
RedHat Linux
RedHat Linux
added 2008/06/17 4:8 p.m.3 views

perl: heap corruption by regular expressions with utf8 characters

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service memory corruption and crash via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...

5CVSS5.8AI score0.03153EPSS
Exploits1References4
OSV
OSV
added 2007/11/15 7:46 p.m.8 views

CVE-2006-7230

Perl-Compatible Regular Expression PCRE library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the 1 -x or 2 -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service PCRE or...

6.3AI score0.01666EPSS
Exploits0References28
Rows per page
Query Builder