Lucene search
K

27 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:8 p.m.42 views

K16983: PCRE library vulnerability CVE-2015-2325

Security Advisory Description PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compilebranch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applicatio...

7.8CVSS8.2AI score0.01575EPSS
Exploits1Affected Software21
Tenable Nessus
Tenable Nessus
added 2022/11/18 12:0 a.m.39 views

MariaDB 10.0.0 < 10.0.18 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.18 advisory. - The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of...

7.8CVSS7AI score0.09984EPSS
Exploits2References10
OSV
OSV
added 2020/01/14 5:15 p.m.11 views

CVE-2015-2325

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

7.8CVSS7.9AI score
Exploits0References7
CVE
CVE
added 2020/01/14 4:46 p.m.271 views

CVE-2015-2325

CVE-2015-2325 is a PCRE vulnerability where the compile_branch() function performs improper bounds checks, enabling a heap-based buffer overflow via a crafted regular expression (group with a forward reference repeated many times in an outer group with zero minimum quantifier). Affected: PCRE lib...

7.8CVSS6.6AI score0.01575EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/01/14 4:46 p.m.51 views

CVE-2015-2325

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

8AI score0.01575EPSS
Exploits1References4
Veracode
Veracode
added 2019/05/02 6:2 a.m.57 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

9.8CVSS9AI score0.36974EPSS
Exploits78References15Affected Software3
Tenable Nessus
Tenable Nessus
added 2019/01/09 12:0 a.m.55 views

PHP 5.6.x < 5.6.10 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...

10CVSS9.6AI score0.16948EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2016/12/16 12:0 a.m.72 views

SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2016:3161-1)

This update for pcre to version 8.39 bsc972127 fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and...

9.8CVSS7.8AI score0.09157EPSS
Exploits11References64
Tenable Nessus
Tenable Nessus
added 2016/06/14 12:0 a.m.38 views

F5 Networks BIG-IP : PCRE library vulnerability (K16983)

PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compilebranch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applications using it. An attacker may...

7.8CVSS7AI score0.01575EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2016/04/11 12:0 a.m.41 views

Ubuntu: Security Advisory (USN-2943-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.09157EPSS
Exploits11References2
OpenWrt
OpenWrt
added 2016/01/28 12:23 p.m.724 views

php: Security update (7 CVEs)

The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...

7.5CVSS0.07806EPSS
Exploits5References18
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.48 views

Amazon Linux: Security Advisory (ALAS-2015-534)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8AI score0.50129EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.52 views

Amazon Linux: Security Advisory (ALAS-2015-563)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.16948EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.48 views

Amazon Linux: Security Advisory (ALAS-2015-562)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.16948EPSS
Exploits5References3
securityvulns
securityvulns
added 2015/08/02 12:0 a.m.96 views

[USN-2694-1] PCRE vulnerabilities

========================================================================== Ubuntu Security Notice USN-2694-1 July 29, 2015 pcre3 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

7.5CVSS1.1AI score0.09157EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2015/07/20 12:0 a.m.50 views

Slackware 14.0 / 14.1 / current : php (SSA:2015-198-02) (BACKRONYM)

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-198-02. The text itself is copyright C...

10CVSS6.9AI score0.16948EPSS
Exploits6References10
Slackware Linux
Slackware Linux
added 2015/07/17 8:25 p.m.59 views

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.43-i486-1slack14.1.txz: Upgraded. This update fixes some bugs and security issues. For more information, see:...

10CVSS8.1AI score0.16948EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.57 views

Amazon Linux AMI : php55 (ALAS-2015-562)

Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326. All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for...

10CVSS7AI score0.16948EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.57 views

Amazon Linux AMI : php56 (ALAS-2015-563)

Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414 , CVE-2015-3415 , CVE-2015-3416 , CVE-2015-2325 and CVE-2015-2326. All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for...

10CVSS7AI score0.16948EPSS
Exploits5References10
Amazon
Amazon
added 2015/07/07 12:0 a.m.72 views

Medium: php56

Issue Overview: Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326. All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream...

10CVSS8.4AI score0.16948EPSS
Exploits5
Rows per page
Query Builder