21 matches found
Astra Linux – Vulnerability in libonig
A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a buffer overflow issue based on the heap mechanism...
MiracleLinux 8 : php:7.3 (AXSA:2020-779:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-779:01 advisory. php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer over-read in exifreaddata CVE-2019-11040 php:...
MiracleLinux 7 : php-5.4.16-48.0.11.el7.AXS7 (AXSA:2025-10916:10)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10916:10 advisory. CVE-2017-9224: fix out-of-bounds read of a stack in matchat function CVE-2017-9226: fix out-of-bounds write or read of a heap in nextstateval...
TencentOS Server 3: oniguruma (TSSA-2024:0077)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0077 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2017-18163
Malware in sbrugna...
EUVD-2019-4737
Malware in sbrugna...
EUVD-2019-6983
Malware in sbrugna...
EUVD-2019-4738
Malware in sbrugna...
EUVD-2019-8872
Malware in sbrugna...
EUVD-2017-18164
Malware in sbrugna...
EUVD-2017-18165
Malware in sbrugna...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in oniguruma 6.9.6-1.el9.6
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of oniguruma 6.9.6-1.el9.6 Vulnerability Details CVEID:CVE-2019-16163 DESCRIPTION: Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. CWE:CWE-674: Uncontrolled Recursion CVSS Sourc...
Alibaba Cloud Linux 3 : 0070: oniguruma (ALINUX3-SA-2022:0070)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0070 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-13225: A NULL Pointer Dereference in match...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state...
SUSE CVE-2019-19203
An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function gb18030mbcenclen in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read...
SUSE CVE-2019-19204
An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read...
PT-2022-36747 · Git +1 · Oniguruma
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions gbNUMBER mbc enc len, onigenc mbn mbc to code, and gbNUMBER mbc t...
DEBIAN-CVE-2019-19012
An integer overflow in the searchinrange function in regexec.c in Oniguruma 6.x before 6.9.4rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. This only affects the 32-bit compiled version. Remote attackers can cause a denial-of-service or...
Oniguruma Denial of Service Vulnerability
mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Ruby's Oniguruma-mod and PHP's...
Oniguruma 'onigenc_unicode_get_case_fold_codes_by_str()' function stack buffer overflow vulnerability
mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A stack buffer overflow vulnerability exists in the...