Lucene search
K

22 matches found

Snyk
Snyk
added 2026/06/26 8:47 p.m.4 views

Regular Expression Denial of Service (ReDoS)

Overview linkify-it is a Links recognition library with FULL unicode support Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to quadratic algorithmic complexity in the match function. An attacker can exhaust CPU resources and cause significant...

8.7CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53120

In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...

0.00157EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38986

In the Linux kernel, the following vulnerability has been resolved: vdpa: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause...

5.7AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.10 views

CVE-2026-53118

In the Linux kernel CVE-2026-53118, the issue is in the vdpa path where, during __driver_attach(), the bus' match() is invoked without holding the device lock, exposing the driver_override field to a use-after-free. The root cause is missing synchronization when accessing driver_override during p...

5.7AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.10 views

CVE-2026-53115

In the Linux kernel, CVE-2026-53115 affects the bus: fsl-mc driver where, during driver probing via __driver_attach(), the bus match() callback could access the driver_override field without holding the device lock, creating a use-after-free risk. The fix uses the driver-core driver_override infr...

5.7AI score0.00157EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52011

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the s390/cio component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock...

5.9AI score0.00171EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52009

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the fsl-mc bus. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This lead...

5.9AI score0.00157EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.5 views

PT-2025-13342 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential spectre v1 gadget in the fib metrics match function has been resolved. The issue arises from the use of the type variable as an array index, which could lead to cpu...

4.6CVSS6.8AI score0.00246EPSS
Exploits0References19
Veracode
Veracode
added 2020/05/10 11:20 p.m.22 views

Denial Of Service (DoS)

tiff is vulnerable to denial of service DoS. The vulnerability exists as a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be use...

5.5CVSS3.1AI score0.00524EPSS
Exploits2References8Affected Software1
Prion
Prion
added 2019/04/22 11:29 a.m.18 views

Design/Logic Flaw

An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check...

5CVSS6.2AI score0.02323EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2019/04/21 7:14 p.m.24 views

CVE-2019-11413

An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check...

7.5CVSS6.4AI score0.02323EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/04/16 1:20 p.m.28 views

CVE-2017-16231

DISPUTED In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack th...

5.5CVSS1.9AI score0.00524EPSS
Exploits2References1
NVD
NVD
added 2019/03/21 3:59 p.m.33 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5CVSS5.9AI score0.00524EPSS
Exploits2References8
UbuntuCve
UbuntuCve
added 2019/03/21 3:59 p.m.25 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5CVSS6.4AI score0.00524EPSS
Exploits2References3
Cvelist
Cvelist
added 2019/03/17 4:24 p.m.37 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.9AI score0.00524EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2019/03/17 4:24 p.m.16 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

6.9AI score0.00524EPSS
Exploits2References8
Debian CVE
Debian CVE
added 2019/03/17 4:24 p.m.66 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5CVSS5.9AI score0.00524EPSS
Exploits2
AlpineLinux
AlpineLinux
added 2019/03/17 4:24 p.m.75 views

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

5.5CVSS5.9AI score0.00524EPSS
Exploits2
AlpineLinux
AlpineLinux
added 2017/07/11 12:0 a.m.72 views

CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

7.8CVSS7.5AI score0.03102EPSS
Exploits0
Cvelist
Cvelist
added 2015/12/02 1:0 a.m.34 views

CVE-2015-8382

The match function in pcreexec.c in PCRE before 8.37 mishandles the /?:abcd|?:?:?:?:abc|?:abcdefbabcdefghiabc|ACCEPT/ pattern and related patterns involving ACCEPT, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service partially initialized...

9AI score0.04072EPSS
Exploits1References9
Rows per page
Query Builder