118 matches found
[SECURITY] [DLA 1854-1] libonig security update
Package : libonig Version : 5.9.5-3.2+deb8u2 CVE ID : CVE-2019-13224 Debian Bug : 931878 A use-after-free in onignewdeluxe in regext.c allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacke...
CVE-2019-13224
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
CVE-2019-13224
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
CVE-2019-13224
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
CVE-2019-13224
Summary (CVE-2019-13224) Oniguruma 6.9.2 contains a use-after-free in onig_new_deluxe() within regext.c that can allow information disclosure, denial of service, or potentially code execution when presented with a crafted regular expression that combines a multi-byte encoded pattern and string. S...
CVE-2019-13224
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
CVE-2019-13224
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
JCS - Joomla Vulnerability Component Scanner
JCS Joomla Component Scanner made for penetration testing purpose on Joomla CMS JCS can help you with the latest component vulnerabilities and exploits. The database can update from several resources and a Crawler has been implemented to find components and component's link. This version supports...
UBUNTU-CVE-2016-6233
The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern \w in a regular expression...
DEBIAN-CVE-2015-8380
The pcreexec function in pcreexec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegE...
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
Code injection
Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes...
Heap overflow
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
DEBIAN-CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...