168 matches found
SUSE CVE-2015-2305
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library aka rxspencer alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a...
SUSE CVE-2017-12837
Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...
SUSE CVE-2019-16163
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c...
SUSE CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...
OSV-2022-952 UNKNOWN WRITE in regcomp
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51778 Crash type: UNKNOWN WRITE Crash state: regcomp fileregcomp load1...
Null Dereference in vim_regcomp()
Description: Null Dereference in vimregcomp at vim/src/regexp.c:2716 Vim Version: git log commit 8f7116caddc6f0725cf1211407d97645c4eb7b65 HEAD - master, origin/master, origin/HEAD Proof of Concept: $ git clone https://github.com/vim/vim.git $ cd vim/ && ./configure && make && cd src/ $ echo "call...
PHP 5.3.x <= 5.3.10 'libc/regcomp' Multiple Vulnerabilities - BSD
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
AIX 7.1 TL 5 : perl (IJ26985)
https://vulners.com/cve/CVE-2020-10543 https://vulners.com/cve/CVE-2020-10543 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl before 5.30.3 has an integer overflow related to mishandling of a...
oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c...
CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...
Stack overflow
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion...
CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion...
CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion...
CVE-2011-3336
CVE-2011-3336 affects the BSD libc regcomp implementation. Public details confirm a denial-of-service condition caused by stack exhaustion/recursion when compiling regular expressions, with PoCs observed in MacOSX Safari/Firefox and related tooling. Red Hat and Ubuntu advisories note OS-level imm...
EulerOS 2.0 SP8 : oniguruma (EulerOS-SA-2020-1019)
According to the versions of the oniguruma package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.CVE-2019-16163 - An issue was discovered in...
CVE-2019-16163
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c...
Internet Bug Bounty: [CVE-2018-18313] regcomp: heap-buffer-overflow read in S_grok_bslash_N
See: https://rt.perl.org/Public/Bug/Display.html?id=133192 CVE ID: CVE-2018-18313 Impact Potential information leakex: secret variables or source codes...
Internet Bug Bounty: [CVE-2018-18312] regcomp: heap-buffer-overflow write / reg_node overrun
See: https://rt.perl.org/Public/Bug/Display.html?id=133423 CVE ID: CVE-2018-18312 Impact Potential RCE...
CVE-2009-5155
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...
AZL-44574 CVE-2009-5155 affecting package suitesparse 7.11.0-1
In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...