11 matches found
SUSE CVE-2017-6181
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression...
CVE-2019-16162
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...
CVE-2019-16162
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...
Out-of-bounds
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...
CVE-2019-16162
Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class because of missing codepoint validation in regenc.c...
CVE-2019-16162
CVE-2019-16162 affects Onigmo up to 6.2.0, with an out-of-bounds read in parse_char_class due to missing codepoint validation in regenc.c. The vulnerability is documented across multiple sources (NVD). Exploitation details aren’t provided in the connected documents; CVSS metrics show network acce...
CVE-2018-11419
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp"\u0" payload, related to re_parse_char_class in parser/regexp/re-parser.c...
Oniguruma library vulnerability related to the use of an uninitialized variable, which allows memory corruption to occur
The vulnerability in the Oniguruma library arises from an incorrect state transition in the parse_char_class function. This allows an uninitialized variable to be used when writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...
CVE-2017-9228
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...
Ruby Denial of Service Vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. A security vulnerability exists in the parse_char_class function of the regparse.c file of the Onigmo (also known as Oniguruma-mod) regular expression library...
CVE-2017-6181
The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression...