21 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in pcre2

An out-of-bounds read vulnerability was discovered in the PCRE2 library, specifically in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions due to duplicate data transfers...

9.1 CVSS | 6.6 AI score | 0.00274 EPSS
Exploits 0 | References 2
IBM Security Bulletins
added 2025/01/28 10:8 p.m. | 10 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit. (CVE-2024-7254)

Summary: IBM PowerVM Novalink is vulnerable because Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with...

8.7 CVSS | 6.9 AI score | 0.00134 EPSS
Exploits 0 | Affected Software 1
Positive Technologies
added 2025/01/01 12:0 a.m. | 2 views

PT-2026-4477

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains an issue within the dm-verity component related to recursive forward error correction. The recursive correction mechanism can lead to a denial-of-service...

9.8 CVSS | 5.3 AI score | 0.0009 EPSS
Exploits 0 | References 402
Amazon
added 2024/11/15 12:0 a.m. | 15 views

Important: protobuf

Issue Overview: Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf...

8.7 CVSS | 8.2 AI score | 0.00134 EPSS
Exploits 0
Cvelist
added 2024/09/19 12:18 a.m. | 31 views

CVE-2024-7254 Stack overflow in Protocol Buffers Java Lite

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...

8.7 CVSS | 0.00134 EPSS
Exploits 0 | References 1
AlpineLinux
added 2024/09/19 12:18 a.m. | 19 views

CVE-2024-7254

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...

8.7 CVSS | 7.5 AI score | 0.00134 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2023/10/16 12:0 a.m. | 15 views

Ubuntu 18.04 ESM : PCRE vulnerabilities (USN-5627-2)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5627-2 advisory. USN-5627-1 fixed several vulnerabilities in PCRE. This update provides the corresponding fixes for Ubuntu 18.04 ESM. Tenable has extracted the preceding...

9.1 CVSS | 7.3 AI score | 0.00584 EPSS
Exploits 0 | References 3
SUSE CVE
added 2023/02/15 3:33 a.m. | 2 views

SUSE CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...

8.6 CVSS | 8.7 AI score | 0.00274 EPSS
Exploits 0 | References 40
OSV
added 2022/11/23 11:15 p.m. | 0 views

AZL-41470 CVE-2022-45873 affecting package systemd-bootstrap for versions less than 250.3-17

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested...

5.5 CVSS | 6.4 AI score | 0.00042 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2022/11/05 12:0 a.m. | 21 views

Amazon Linux 2022 : pcre2, pcre2-devel, pcre2-static (ALAS2022-2022-191)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-191 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath function of the pcre2_jit_compile.c file. This involves a unicode property matching issue ...

9.1 CVSS | 7.2 AI score | 0.00584 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2022/10/10 12:0 a.m. | 28 views

EulerOS Virtualization 3.0.6.0 : pcre2 (EulerOS-SA-2022-2580)

According to the versions of the pcre2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath function of the...

9.1 CVSS | 7.1 AI score | 0.00584 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2022/09/06 12:0 a.m. | 32 views

Amazon Linux 2022 : pcre2, pcre2-devel, pcre2-static (ALAS2022-2022-071)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-071 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath function of the pcre2_jit_compile.c file. This involves a unicode property matching issue ...

9.1 CVSS | 7.2 AI score | 0.00584 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2022/08/17 12:0 a.m. | 20 views

EulerOS 2.0 SP10 : pcre2 (EulerOS-SA-2022-2260)

According to the versions of the pcre2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath function of the pcre2_jit_compile.c file...

9.1 CVSS | 7.1 AI score | 0.00584 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2022/07/07 12:0 a.m. | 17 views

Oracle Linux 9 : pcre2 (ELSA-2022-5251)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5251 advisory. 10.37-5 - Explicitly require uft subpackages in tools subpackage 10.37-4 - Resolves: CVE-2022-1586 CVE-2022-1587 Tenable has extracted the preceding...

9.1 CVSS | 7.3 AI score | 0.00584 EPSS
Exploits 0 | References 3
OSV
added 2022/05/16 9:15 p.m. | 24 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...

9.1 CVSS | 3.7 AI score
Exploits 0 | References 8
AlpineLinux
added 2022/05/16 12:0 a.m. | 99 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...

9.1 CVSS | 9.2 AI score | 0.00274 EPSS
Exploits 0
RedhatCVE
added 2022/05/05 6:24 a.m. | 57 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...

9.1 CVSS | 3.7 AI score | 0.00274 EPSS
Exploits 0 | References 3
Veracode
added 2019/08/02 10:1 a.m. | 32 views

Denial Of Service (DoS)

Django is vulnerable to denial of service (DoS). It does not properly handle HTML entities in the function strip_tags, causing excessive HTMLParser recursions...

7.5 CVSS | 2.6 AI score | 0.06773 EPSS
Exploits 0 | References 12 | Affected Software 2
Veracode
added 2019/05/02 4:53 a.m. | 18 views

Information Disclosure

kernel-rt is vulnerable to information disclosure. A memory disclosure flaw was found in the way the load_script function in the binfmt_script binary format handler handled excessive recursions. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space by executing...

2.1 CVSS | 6.7 AI score | 0.00579 EPSS
Exploits 1 | References 15 | Affected Software 1
Tenable Nessus
added 2014/08/19 12:0 a.m. | 58 views

Ubuntu 10.04 LTS : openssl vulnerabilities (USN-2232-4)

USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem. We apologize for the inconvenience. Juri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. A remote...

7.4 CVSS | 7.6 AI score | 0.92751 EPSS
Exploits 13 | References 5