Lucene search

9085 matches found

RedHat Linux
added 2015/06/04 8:6 a.m. | 68 views

Moderate: Red Hat Security Advisory: php55 security and bug fix update

Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 10 | AI score 7.2 | EPSS 0.8832
Exploits 34 | References 18
RubySec
added 2015/06/04 12:0 a.m. | 106 views

Data Injection Vulnerability in moped Rubygem

A flaw in the ObjectId validation regular expression can enable attackers to inject arbitrary information into a given BSON object...

CVSS 7.5 | AI score 6.7 | EPSS 0.01937
Exploits 1 | References 1 | Affected Software 1
NVD
added 2015/06/01 7:59 p.m. | 13 views

CVE-2015-0217

filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 5.9 | EPSS 0.0059
Exploits 0 | References 3
Prion
added 2015/06/01 7:59 p.m. | 15 views

Input validation

filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 6.4 | EPSS 0.0059
Exploits 0 | References 3 | Affected Software 1
OSV
added 2015/06/01 7:59 p.m. | 0 views

UBUNTU-CVE-2015-2268

filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 5.8 | EPSS 0.0059
Exploits 0 | References 4
OSV
added 2015/06/01 7:59 p.m. | 0 views

UBUNTU-CVE-2015-0217

filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 5.8 | EPSS 0.0059
Exploits 0 | References 4
UbuntuCve
added 2015/06/01 7:59 p.m. | 22 views

CVE-2015-0217

filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 5.9 | EPSS 0.0059
Exploits 0 | References 3
Prion
added 2015/06/01 7:59 p.m. | 13 views

Input validation

filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

CVSS 6.8 | AI score 6.5 | EPSS 0.0059
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2015/06/01 7:0 p.m. | 13 views

CVE-2015-0217

filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression...

AI score 5.8 | EPSS 0.0059
Exploits 0 | References 3
UbuntuCve
added 2015/06/01 12:0 a.m. | 38 views

CVE-2015-3210

Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...

CVSS 9.8 | AI score 7.7 | EPSS 0.0573
Exploits 1 | References 3
FreeBSD
added 2015/05/29 12:0 a.m. | 37 views

pcre -- multiple vulnerabilities

Venustech ADLAB reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. PCRE library is prone to a vulnerability which leads ...

AI score 7.5
Exploits 0 | References 2
ThreatPost
added 2015/05/27 11:48 a.m. | 11 views

Security Researchers Publish Comments on Wassenaar Rules

With the two-month comment period for the proposed U.S. Wassenaar Arrangement rules barely under way, a cast of influential security researchers has wasted no time preparing and submitting their thoughts on the controversial proposal. Researchers who seek out vulnerabilities in software—developin...

AI score 7.1
Exploits 0 | References 7
Tenable Nessus
added 2015/05/21 12:0 a.m. | 598 views

Apache Tomcat 7.0.0 < 7.0.59

The version of Tomcat installed on the remote host is prior to 7.0.59. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.59security-7 advisory. The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before...

CVSS 5 | AI score 6.5 | EPSS 0.09485
Exploits 0 | References 4
Tenable Nessus
added 2015/05/20 12:0 a.m. | 28 views

SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2015:0458-1)

icu was updated to fix one security issue. This security issue was fixed: CVE-2014-9654: Insufficient size limit checks in regular expression compiler bnc917129. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...

CVSS 9.8 | AI score 8.2 | EPSS 0.01671
Exploits 0 | References 4
Tenable Nessus
added 2015/05/15 12:0 a.m. | 37 views

Debian DLA-219-1 : icu security update

Several vulnerabilities were discovered in the International Components for Unicode (ICU) library: CVE-2013-1569 Glyph table issue. CVE-2013-2383 Glyph table issue. CVE-2013-2384 Font layout issue. CVE-2013-2419 Font processing issue. CVE-2014-6585 Out-of-bounds read. CVE-2014-6591 Additional...

CVSS 10 | AI score 7.1 | EPSS 0.12809
Exploits 5 | References 12
OSV
added 2015/05/14 12:0 a.m. | 44 views

DLA-219-1 icu - security update

Bulletin has no description...

CVSS 10 | AI score 5 | EPSS 0.12809
Exploits 5
Amazon
added 2015/05/14 12:0 a.m. | 43 views

Medium: php

Issue Overview: Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression...

CVSS 6.8 | AI score 8.5 | EPSS 0.22421
Exploits 1
Apache Tomcat
added 2015/05/12 12:0 a.m. | 78 views

Fixed in Apache Tomcat 6.0.44

Low: Denial of Service CVE-2014-0230. When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the...

CVSS 7.8 | AI score 6.5 | EPSS 0.09485
Exploits 0 | Affected Software 1
FreeBSD
added 2015/05/12 12:0 a.m. | 65 views

tomcat -- multiple vulnerabilities

Apache Software Foundation reports: Low: Denial of Service CVE-2014-0230. When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be...

CVSS 7.8 | AI score 7 | EPSS 0.09485
Exploits 0 | References 1
Zero Day Initiative
added 2015/05/12 12:0 a.m. | 53 views

Microsoft Windows VBScript Regular Expression Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how VBScript...

CVSS 5 | AI score 6.5 | EPSS 0.1309
Exploits 0 | References 1