Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.19 views

Linux Distros Unpatched Vulnerability : CVE-2019-19246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c. CVE-2019-19246 Note that...

7.5CVSS7.2AI score0.02942EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.29 views

RHEL 6 : oniguruma (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - oniguruma: integer overflow in searchinrange function in regexec.c leads to out-of-bounds read...

10AI score0.10539EPSS
Exploits12References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.5 views

SUSE CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...

7.5CVSS9.8AI score0.02942EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2022/09/22 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2022:3327-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.06889EPSS
Exploits4References9
OpenVAS
OpenVAS
added 2022/09/22 12:0 a.m.40 views

openSUSE: Security Advisory for oniguruma (SUSE-SU-2022:3327-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.2AI score0.06889EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-4460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.10539EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2020/11/05 12:0 a.m.36 views

Debian: Security Advisory (DLA-2431-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.10539EPSS
Exploits7References4
AlmaLinux
AlmaLinux
added 2020/09/08 8:38 a.m.79 views

Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS9AI score0.08888EPSS
Exploits19References23
OSV
OSV
added 2020/09/08 8:38 a.m.46 views

ALSA-2020:3662 Moderate: php:7.3 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.3.20. BZ1856655 Security Fixes: php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer...

9.8CVSS8.7AI score0.08888EPSS
Exploits19References23
Ubuntu
Ubuntu
added 2020/08/17 4:46 p.m.93 views

USN-4460-1: Oniguruma vulnerabilities

It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246...

9.8CVSS7.1AI score0.10539EPSS
Exploits5
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1542)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.9AI score0.26373EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2020/04/01 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1350)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.08818EPSS
Exploits7References2
RedhatCVE
RedhatCVE
added 2020/03/29 8:5 a.m.45 views

CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...

7.5CVSS2.3AI score0.02942EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.51 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1172)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.08818EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1178)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9AI score0.06889EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for oniguruma (EulerOS-SA-2020-1019)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9AI score0.06889EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2020/01/09 12:0 a.m.76 views

Amazon Linux 2 : oniguruma (ALAS-2020-1380)

The version of oniguruma installed on the remote host is prior to 5.9.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1380 advisory. Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. CVE-2019-16163 Oniguruma...

9.8CVSS7.3AI score0.10539EPSS
Exploits5References9
Amazon
Amazon
added 2020/01/06 12:0 a.m.59 views

Medium: oniguruma

Issue Overview: Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. CVE-2019-16163 Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c.CVE-2019-19246 Affected Packages:...

9.8CVSS7.4AI score0.10539EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/01/02 12:0 a.m.72 views

EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)

According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.CVE-2019-16163 - An issue was discovered in...

7.5CVSS7.1AI score0.06889EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2019/12/05 12:0 a.m.55 views

Debian DLA-2020-1 : libonig security update

Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. CVE-2019-19012 An integer overflow in the searchinrange function in regexec.c leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker...

9.8CVSS7.5AI score0.10539EPSS
Exploits4References5
Rows per page
Query Builder