CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2015/12/02 12:0 a.m.•28 views

CVE-2015-8391

The pcrecompile function in pcrecompile.c in PCRE before 8.38 mishandles certain : nesting, which allows remote attackers to cause a denial of service CPU consumption or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

9.8CVSS7.7AI score0.06404EPSS

Debian CVE•added 2015/12/02 12:0 a.m.•24 views

CVE-2015-8387

PCRE before 8.38 mishandles ?123 subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service integer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...

7.5CVSS8.6AI score0.03641EPSS

Debian CVE•added 2015/12/02 12:0 a.m.•29 views

CVE-2015-8389

PCRE before 8.38 mishandles the /?:|a|100x/ pattern and related patterns, which allows remote attackers to cause a denial of service infinite recursion or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konquero...

9.8CVSS9.2AI score0.03887EPSS

Debian CVE•added 2015/12/02 12:0 a.m.•31 views

CVE-2015-8394

PCRE before 8.38 mishandles the ? and ?R conditions, which allows remote attackers to cause a denial of service integer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS9.2AI score0.04815EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•25 views

CVE-2015-8380

The pcreexec function in pcreexec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...

7.5CVSS7.3AI score0.04436EPSS

Exploits1References5

UbuntuCve•added 2015/12/01 12:0 a.m.•30 views

CVE-2015-8385

PCRE before 8.38 mishandles the /?|\k'Pm'|?'Pm'/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.2AI score0.05623EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•27 views

CVE-2015-8383

PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS7.2AI score0.06077EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•27 views

CVE-2015-2328

PCRE before 8.36 mishandles the /?Ra|?1+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS7.2AI score0.05244EPSS

Exploits1References3

UbuntuCve•added 2015/12/01 12:0 a.m.•29 views

CVE-2015-8394

9.8CVSS7.2AI score0.04815EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•26 views

CVE-2015-8390

PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...

9.8CVSS7.2AI score0.04618EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•31 views

CVE-2015-8392

PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS7.3AI score0.03558EPSS

UbuntuCve•added 2015/12/01 12:0 a.m.•34 views

CVE-2015-8388

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

7.5CVSS7.1AI score0.06587EPSS

OSV•added 2015/12/01 12:0 a.m.•0 views

UBUNTU-CVE-2015-8392

7.5CVSS7.4AI score0.03558EPSS

OSV•added 2015/12/01 12:0 a.m.•1 views

UBUNTU-CVE-2015-8394

9.8CVSS7.2AI score0.04815EPSS

OSV•added 2015/12/01 12:0 a.m.•0 views

UBUNTU-CVE-2015-8389

9.8CVSS7.2AI score0.03887EPSS

OSV•added 2015/12/01 12:0 a.m.•0 views

UBUNTU-CVE-2015-8386

9.8CVSS7.2AI score0.07059EPSS

Positive Technologies•added 2015/12/01 12:0 a.m.•3 views

PT-2015-7788 · Kde +4 · Konqueror +4

Name of the Vulnerable Software and Affected Versions: PCRE versions prior to 8.38 Description: The issue concerns the mishandling of 123 subroutine calls and related subroutine calls in regular expressions. This allows remote attackers to cause a denial of service, specifically an integer...

9.8CVSS7.8AI score0.09157EPSS

Exploits12References122

UbuntuCve•added 2015/12/01 12:0 a.m.•33 views

CVE-2015-8384

PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...

7.5CVSS7.1AI score0.03399EPSS

OSV•added 2015/12/01 12:0 a.m.•1 views

UBUNTU-CVE-2015-8395

PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and...

7.5CVSS7.2AI score0.03543EPSS