12 matches found
RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1132 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaD...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Security Bulletin:Multiple vulnerabilities in PCRE affect IBM Tivoli Network Manager IP Edition.
Summary Multiple vulnerabilities exist in PCRE v5.x, shipped with IBM Tivoli Network Manager IP Edition. Therefore PCRE 8.38 has been upgraded in IBM Tivoli Network Manager IP Edition. Vulnerability Details CVEID: CVE-2015-3210 DESCRIPTION: PCRE is vulnerable to a heap-based buffer overflow. By...
GLSA-201607-02 : libpcre: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201607-02 libpcre: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or crea...
pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)
PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...
CVE-2015-8392
PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...
Design/Logic Flaw
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and...
Buffer overflow
PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...
CVE-2015-8392
PCRE vulnerability CVE-2015-8383 (and related CVEs such as 2015-8381/8386/8388/8391/8392/8390/8395) is caused by mishandling certain complex regex patterns in PCRE before version 8.38, enabling remote denial of service or heap-based buffer overflow via crafted JavaScript RegExp objects (Konqueror...
CVE-2015-8384
PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...
CVE-2015-8395
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and...
CVE-2015-8392
PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...