Lucene search
K

29 matches found

OSV
OSV
added 2025/09/12 8:43 a.m.7 views

CLSA-2025-1757666588 ruby: Fix of CVE-2017-9226

CVE-2017-9226: fix a heap out-of-bounds write or read occurs in nextstateval during regular expression compilation...

9.8CVSS6.8AI score0.07511EPSS
Exploits1References1
Amazon
Amazon
added 2025/04/16 12:0 a.m.5 views

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...

9.8CVSS8.9AI score0.08003EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.22 views

Linux Distros Unpatched Vulnerability : CVE-2017-9226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read...

9.8CVSS7.1AI score0.07511EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 6 : oniguruma (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...

10AI score0.10539EPSS
Exploits12References12
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.26 views

RHEL 5 : oniguruma (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...

10AI score0.10539EPSS
Exploits12References11
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.109 views

Amazon Linux 2 : oniguruma (ALAS-2023-2311)

The version of oniguruma installed on the remote host is prior to 5.9.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2311 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through...

9.8CVSS7.4AI score0.07511EPSS
Exploits4References10
Amazon
Amazon
added 2023/10/19 12:0 a.m.81 views

Important: oniguruma

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...

9.8CVSS8.2AI score0.07511EPSS
Exploits4
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.104 views

K01709026: PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226

Security Advisory Description CVE-2017-7890 The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized...

9.8CVSS7AI score0.07511EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.44 views

Ubuntu: Security Advisory (USN-3382-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.07511EPSS
Exploits6References2
Check Point Advisories
Check Point Advisories
added 2020/09/24 12:0 a.m.16 views

Oniguruma Project Memory Corruption (CVE-2017-9226)

A memory corruption vulnerability exists in Oniguruma project oniguruma 6.2.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.7AI score0.07511EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.35438EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.47 views

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-2403)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bound...

9.8CVSS7.3AI score0.07511EPSS
Exploits4References5
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.42 views

Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224)

Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerabilities in PHP. Vulnerability Details: CVEID: CVE-2017-9227 Description: Oniguruma is vulnerable to a stack-bas...

9.8CVSS1.4AI score0.07511EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.45 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)

This update for php7 fixes the following security issues : - CVE-2017-9224: stack out-of-bounds read occurs in matchat could lead to Denial of service bsc1040891 - CVE-2017-9226: heap out-of-bounds write orread occurs in nextstateval could lead to Denial of servicebsc1040889 - CVE-2017-9227: stac...

9.8CVSS7AI score0.07511EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.68 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)

This update for php5 fixes the following security issues : - CVE-2016-6294: The localeacceptfromhttp function in ext/intl/locale/localemethods.c did not properly restrict calls to the ICU ulocacceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service out-of-bound...

9.8CVSS7AI score0.07511EPSS
Exploits4References13
OpenVAS
OpenVAS
added 2018/01/24 12:0 a.m.42 views

Debian: Security Advisory (DLA-958-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.07511EPSS
Exploits5References3
F5 Networks
F5 Networks
added 2017/08/08 12:3 a.m.199 views

PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890

F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...

9.8CVSS1.2AI score0.07511EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/08/04 12:0 a.m.50 views

Fedora Update for php FEDORA-2017-b8bb4b86e2

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.07511EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2017/07/17 12:0 a.m.53 views

Fedora 26 : oniguruma (2017-ee01a2ced6)

Multiple security flaws were found on the previous version of oniguruma. This new version should fix the issue. Fixed CVEs: CVE-2017-9226 CVE-2017-9225 CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228 Note that Tenable Network Security has extracted the preceding description block directly...

9.8CVSS6.9AI score0.07511EPSS
Exploits6References7
OpenVAS
OpenVAS
added 2017/07/14 12:0 a.m.39 views

Fedora Update for php FEDORA-2017-b674dc22ad

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.07511EPSS
Exploits5References2
Rows per page
Query Builder