9288 matches found

RedHat Linux
added 2019/05/22 12:3 p.m. · 2 views

python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib

A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service...

7.5 CVSS · 7.1 AI score · 0.05103 EPSS
Exploits 1 · References 5

Veracode
added 2019/05/16 3:25 a.m. · 29 views

Arbitrary Code Execution

Perl is vulnerable to arbitrary code execution. A heap-based buffer-overflow vulnerability could occur because Perl fails to properly bounds-check user-supplied input. An attacker could gain write access via a crafted regular expression which triggers invalid write operations...

9.8 CVSS · 9.4 AI score · 0.12093 EPSS
Exploits 1 · References 17 · Affected Software 3

Veracode
added 2019/05/16 3:0 a.m. · 29 views

Out-of-Bounds Write

PHP is vulnerable to out-of-bounds writes. This occurs in bitset_set_range during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class could create an execution path that leaves a critical local variable...

9.8 CVSS · 9.1 AI score · 0.06261 EPSS
Exploits 1 · References 5 · Affected Software 1

Veracode
added 2019/05/16 2:59 a.m. · 24 views

Out-Of-Bounds Read

PHP is vulnerable to out-of-bounds reads. The vulnerability exists in mbc_enc_len during regular expression searching. reg->dmin in forward_search_range when not handled properly would result in an invalid pointer dereference as an out-of-bounds read from a stack buffer...

9.8 CVSS · 9 AI score · 0.06265 EPSS
Exploits 1 · References 6 · Affected Software 1

Veracode
added 2019/05/16 2:59 a.m. · 32 views

Out-of-Bounds Write

PHP is vulnerable to an out-of-bounds write. The vulnerability exists in next_state_val during regular expression compilation in Oniguruma. Octal numbers larger than 0xff are not handled correctly in fetch_token and fetch_token_in_cc. A malformed regular expression containing an octal...

9.8 CVSS · 9.3 AI score · 0.07511 EPSS
Exploits 1 · References 7 · Affected Software 1

Veracode
added 2019/05/16 2:59 a.m. · 33 views

Out-Of-Bounds Read

PHP is vulnerable to out-of-bounds reads. The vulnerability exists in match_at during regular expression searching because of a logical error involving order of validation and access in match_at...

9.8 CVSS · 9.1 AI score · 0.0654 EPSS
Exploits 1 · References 6 · Affected Software 1

Tenable Nessus
added 2019/05/15 12:0 a.m. · 41 views

EulerOS Virtualization 3.0.1.0 : pcre (EulerOS-SA-2019-1558)

According to the versions of the pcre packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cau...

9.8 CVSS · 7.5 AI score · 0.0843 EPSS
Exploits 6 · References 15

Kitploit
added 2019/05/14 12:43 p.m. · 169 views

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...

7.2 AI score
Exploits 0 · References 3

RedhatCVE
added 2019/05/14 12:23 p.m. · 22 views

CVE-2017-16116

The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods...

7.5 CVSS · 4.1 AI score · 0.01659 EPSS
Exploits 1 · References 2

Veracode
added 2019/05/14 6:58 a.m. · 28 views

Regular Expression Denial-of-Service (DoS)

remarkable is vulnerable to regex denial of service. Malicious users can craft a string inside the CDATA tag to cause the regex function to consume a large amount of system resources that could potentially result in a crash...

7.5 CVSS · 7.2 AI score · 0.01321 EPSS
Exploits 1 · References 3 · Affected Software 1

Tenable Nessus
added 2019/05/14 12:0 a.m. · 264 views

EulerOS Virtualization 3.0.1.0 : file (EulerOS-SA-2019-1424)

According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker coul...

7.5 CVSS · 7.2 AI score · 0.20805 EPSS
Exploits 5 · References 15

Tenable Nessus
added 2019/05/14 12:0 a.m. · 33 views

EulerOS Virtualization 3.0.1.0 : perl (EulerOS-SA-2019-1464)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write...

9.8 CVSS · 7.4 AI score · 0.1199 EPSS
Exploits 1 · References 3

NVD
added 2019/05/13 1:29 p.m. · 8 views

CVE-2019-12041

lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section...

7.5 CVSS · 7.4 AI score · 0.01321 EPSS
Exploits 1 · References 1

Prion
added 2019/05/13 1:29 p.m. · 13 views

Design/Logic Flaw

lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section...

5 CVSS · 7.4 AI score · 0.01321 EPSS
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2019/05/13 12:7 p.m. · 24 views

CVE-2019-12041

lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression Denial of Service (ReDoS) via a CDATA section...

7.4 AI score · 0.01321 EPSS
Exploits 1 · References 1

Positive Technologies
added 2019/05/13 12:0 a.m. · 7 views

PT-2019-12629 · Remarkable · Remarkable

Name of the Vulnerable Software and Affected Versions: remarkable version 1.7.1 Description: The issue allows for Regular Expression Denial of Service (ReDoS) via a CDATA section in the lib/common/html_re.js file. Recommendations: For version 1.7.1, at the moment, there is no information about a...

7.5 CVSS · 7.3 AI score · 0.01321 EPSS
Exploits 1 · References 7

Zero Day Initiative
added 2019/05/09 12:0 a.m. · 23 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8 CVSS · 3.6 AI score · 0.0364 EPSS
Exploits 0

Veracode
added 2019/05/02 6:2 a.m. · 47 views

Denial Of Service (DoS) Through Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS · 9 AI score · 0.36974 EPSS
Exploits 78 · References 16 · Affected Software 3

Veracode
added 2019/05/02 6:2 a.m. · 26 views

Arbitrary Code Execution

php56 is vulnerable to arbitrary code execution. The vulnerability exists due to a flaw in the regular expression parser...

7.8 CVSS · 6.5 AI score · 0.02946 EPSS
Exploits 1 · References 7 · Affected Software 4

Veracode
added 2019/05/02 5:39 a.m. · 53 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...

7.5 CVSS · 9.2 AI score · 0.53166 EPSS
Exploits 43 · References 24 · Affected Software 6