Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.4 views

SUSE CVE-2017-9229

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

6.5CVSS8.8AI score0.05129EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.12 views

The vulnerability of the Oniguruma regular expression library, related to an uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the Oniguruma regular expression library is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.5CVSS6.5AI score0.02752EPSS
Exploits1References12Affected Software4
AlmaLinux
AlmaLinux
added 2020/11/03 12:39 p.m.42 views

Moderate: oniguruma security update

Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: NULL pointer dereference in matchat in regexec.c CVE-2019-13225 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.5CVSS1.4AI score0.02129EPSS
Exploits0References2
OSV
OSV
added 2019/11/25 5:15 p.m.2 views

UBUNTU-CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...

7.5CVSS6.9AI score0.02942EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.9 views

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable, allows a hacker to perform read operations beyond the buffer boundary in dynamic memory.

The vulnerability of the Oniguruma library exists due to incorrect processing of reg-dmin in the forwardsearchrange function. This allows the use of an uninitialized variable during data reading from the buffer. Exploiting this vulnerability could enable a malicious actor to read beyond the...

7.5CVSS6.7AI score0.06265EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.9 views

The vulnerability of the Oniguruma library, which allows a hacker to influence the accessibility of information

The vulnerability of the matchat function in the Oniguruma library exists due to access control errors. Exploiting this vulnerability could allow a malicious actor to influence the accessibility of information by reading beyond the buffer on the stack during regular expression search operations...

7.5CVSS7AI score0.0654EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2017/08/18 12:0 a.m.5 views

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable and allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an improper change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

7.5CVSS7.3AI score0.06261EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder