9211 matches found
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
CVE-2009-5155
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
DEBIAN-CVE-2009-5155
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
Design/Logic Flaw
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
CVE-2009-5155
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
CVE-2009-5155
CVE-2009-5155 affects the GNU C Library (glibc) prior to 2.28. The vulnerability is in parse_reg_exp (posix/regcomp.c) where misparsing alternatives can cause a denial of service (assertion failure and process exit) or yield an incorrect match result. Affected products include glibc in systems us...
EUVD-2019-18547
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
CVE-2009-5155
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
CVE-2019-9169
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Recent assessments: busterb at June 15, 2020 6:59pm UTC reported: A buffer overread in a very specific part of the...
CVE-2019-3824
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service...
Nuxeo NuxeoUnknownResource Expression Language Injection (CVE-2018-16341)
An Expression Language injection vulnerability exist in Nuxeo Content Management System. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server...
CVE-2019-9023
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in...
EulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.ISLINEJUNK method in difflib CVE-2018-1061 - python: DOS via regular expression...
GHSA-XJ62-87PG-VCV3 Regular Expression Denial of Service in jshamcrest
The jshamcrest package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in to the emailAddress validator. Proof of concept js var js = require'jshamcrest' var emailAddress = new js.JsHamcrest.Matchers.emailAddress; var genstr = functi...
GHSA-6354-6MHV-MVV5 Regular Expression Denial of Service in jadedown
The jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. Proof of concept js var jadedown = require'jadedown'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr; return result;...
Regular Expression Denial of Service in jadedown
The jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. Proof of concept js var jadedown = require'jadedown'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr; return result;...