Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/03 12:0 a.m.35 views

Amazon Linux AMI : glib2 (ALAS-2023-1775)

The version of glib2 installed on the remote host is prior to 2.36.3-5.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1775 advisory. Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers t...

9.8CVSS8.5AI score0.07673EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.40 views

Amazon Linux 2 : glib2 (ALAS-2023-2107)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2107 advisory. PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of...

9.8CVSS8.3AI score0.04815EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.4 views

SUSE CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS7.6AI score0.07791EPSS
Exploits1References23
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.12 views

Fedora 23 : pcre-8.38-1.fc23 (2015-994f0b3021)

This release fixes various bugs when compiling or matching expressions. It also fixes how pcregrep handles binary files. It also fixes a heap-based buffer overflow in pcreexec when ovector has size 1 bug 1285415 Note that Tenable Network Security has extracted the preceding description block...

5.8AI score
Exploits0References2
Fedora
Fedora
added 2016/02/17 4:25 a.m.38 views

[SECURITY] Fedora 22 Update: mingw-pcre-8.38-1.fc22

Cross compiled Perl-compatible regular expression library for use with ming w32. PCRE has its own native API, but a set of "wrapper" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regula...

9.8CVSS0.8AI score0.09157EPSS
Exploits2
NVD
NVD
added 2016/01/03 12:59 a.m.19 views

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS9.7AI score0.07791EPSS
Exploits1References12
OSV
OSV
added 2016/01/03 12:59 a.m.32 views

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS7.6AI score
Exploits0References12
CVE
CVE
added 2016/01/03 12:0 a.m.210 views

CVE-2016-1283

CVE-2016-1283 affects PCRE 8.38; the vulnerable pattern handling in pcre_compile2 can cause a heap-based buffer overflow, enabling DoS via crafted regex (demonstrated via a JavaScript RegExp in Konqueror). Connected advisories show multiple distributions releasing fixes for PHP/PCRE via updated P...

9.8CVSS9.6AI score0.07791EPSS
Exploits1References12Affected Software1
Cvelist
Cvelist
added 2016/01/03 12:0 a.m.27 views

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8AI score0.07791EPSS
Exploits1References12
Debian CVE
Debian CVE
added 2016/01/03 12:0 a.m.27 views

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS9.3AI score0.07791EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2016/01/02 12:0 a.m.35 views

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

9.8CVSS7.3AI score0.07791EPSS
Exploits1References3
NVD
NVD
added 2015/12/02 1:59 a.m.25 views

CVE-2015-8395

PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and...

7.5CVSS9.9AI score0.03543EPSS
Exploits0References6
NVD
NVD
added 2015/12/02 1:59 a.m.27 views

CVE-2015-8392

PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

7.5CVSS9.9AI score0.03558EPSS
Exploits0References6
NVD
NVD
added 2015/12/02 1:59 a.m.20 views

CVE-2015-8390

PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...

9.8CVSS9.6AI score0.04618EPSS
Exploits0References8
OSV
OSV
added 2015/12/02 1:59 a.m.4 views

DEBIAN-CVE-2015-8387

PCRE before 8.38 mishandles ?123 subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service integer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by...

7.3CVSS8.5AI score0.03641EPSS
Exploits0References1
NVD
NVD
added 2015/12/02 1:59 a.m.19 views

CVE-2015-8386

PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp...

9.8CVSS9.7AI score0.07059EPSS
Exploits0References13
NVD
NVD
added 2015/12/02 1:59 a.m.29 views

CVE-2015-8384

PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...

7.5CVSS9.8AI score0.03399EPSS
Exploits0References6
Prion
Prion
added 2015/12/02 1:59 a.m.40 views

Code injection

The pcrecompile function in pcrecompile.c in PCRE before 8.38 mishandles certain : nesting, which allows remote attackers to cause a denial of service CPU consumption or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

9CVSS7.8AI score0.06404EPSS
Exploits0References13Affected Software10
Cvelist
Cvelist
added 2015/12/02 1:0 a.m.35 views

CVE-2015-8392

PCRE before 8.38 mishandles certain instances of the ?| substring, which allows remote attackers to cause a denial of service unintended recursion and buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

9.9AI score0.03558EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2015/12/02 1:0 a.m.41 views

CVE-2015-8384

PCRE before 8.38 mishandles the /?J?'d'?'d'\gd/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScri...

7.5CVSS7.7AI score0.03399EPSS
Exploits0
Rows per page
Query Builder