Lucene search
+L

57 matches found

BDU FSTEC
BDU FSTEC
added 2022/11/25 12:0 a.m.9 views

The vulnerability of the vim_regexec_string() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the vimregexecstring function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.6AI score0.00523EPSS
Exploits1References12Affected Software6
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.8 views

CVE-2019-9169. Heap-based buffer over-read in the GNU C Library. (BSA-2022-776)

Security Advisory ID: BSA-2022-776 Component: GNU C Library Revision: 2.0 In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Notes: Brocade PSIRT has confirmed that...

9.8CVSS7.3AI score0.04731EPSS
Exploits1
OSV
OSV
added 2022/05/23 11:3 a.m.3 views

OESA-2022-1668 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7.8CVSS7.1AI score0.02481EPSS
Exploits5References6
Positive Technologies
Positive Technologies
added 2022/05/16 12:0 a.m.3 views

PT-2022-5602 · Vim +7 · Vim +7

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 8.2.4959 Description: The issue is related to a NULL pointer dereference error in the vim regexec string function of the Vim text editor. Exploitation of this issue may allow an attacker to impact the confidentiality,...

7.8CVSS6.5AI score0.02645EPSS
Exploits30References165
ATTACKERKB
ATTACKERKB
added 2022/05/12 11:15 a.m.6 views

CVE-2022-1674

NULL Pointer Dereference in function vimregexecstring at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vimregexecstring at regexp.c:2733 allows attackers to cause a denial of service application crash via a crafted input...

6.6CVSS6.7AI score0.01508EPSS
Exploits1References14
OSV
OSV
added 2022/05/08 11:15 a.m.9 views

AZL-9704 CVE-2022-1620 affecting package vim for versions less than 8.2.4925-1

NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 allows attackers to cause a denial of service application crash via a crafted input...

7.5CVSS7AI score0.01518EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/08 11:15 a.m.6 views

CVE-2022-1620

NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 allows attackers to cause a denial of service application crash via a crafted input...

7.5CVSS6.9AI score0.01518EPSS
Exploits1References14
CNNVD
CNNVD
added 2022/05/08 12:0 a.m.3 views

Vim 代码问题漏洞

Vim is a cross-platform text editor. A code issue vulnerability exists in Vim versions prior to 8.2 that stems from a NULL pointer dereference in the vimregexecstring function in regexp.c:2729. An attacker could exploit this vulnerability to cause a denial of service application crash via special...

7.5CVSS7.1AI score0.01518EPSS
Exploits1References25
Veracode
Veracode
added 2021/05/24 12:37 a.m.58 views

Arbitrary Code Execution

glibc is vulnerable to arbitrary code execution. A heap-based buffer over-read in proceednextnode in posix/regexec.c allows an attacker to execute arbitrary code on the host OS via an attempted case-insensitive regular-expression match...

9.8CVSS5.2AI score0.04731EPSS
Exploits1References16Affected Software1
RedHat Linux
RedHat Linux
added 2021/05/18 1:52 p.m.8 views

glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read

In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...

9.8CVSS7.3AI score0.04731EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/11/04 1:59 a.m.8 views

oniguruma: NULL pointer dereference in match_at() in regexec.c

A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust...

6.5CVSS7.4AI score0.02129EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/08 10:6 a.m.6 views

oniguruma: NULL pointer dereference in match_at() in regexec.c

A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust...

6.5CVSS7.4AI score0.02129EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/08 10:6 a.m.5 views

oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c

A vulnerability was found in Oniguruma, where improper bounds checking in strlowercasematch within regexec.c can cause a heap-based buffer overflow, a remote attacker could exploit this flaw to crash the application or, in certain scenarios, execute arbitrary code. This occurs when the applicatio...

7.5CVSS7.7AI score0.03049EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.9 views

In the GNU C Library (aka glibc or libc6) through 2.29 proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

...

9.8CVSS6.9AI score0.04731EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.7 views

In the GNU C Library (aka glibc or libc6) through 2.29 check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

...

7.5CVSS7.7AI score0.05804EPSS
Exploits1
OSV
OSV
added 2019/11/25 5:15 p.m.2 views

DEBIAN-CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...

7.5CVSS6.8AI score0.03049EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2019/11/17 6:15 p.m.4 views

CVE-2019-19012

An integer overflow in the searchinrange function in regexec.c in Oniguruma 6.x before 6.9.4rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. This only affects the 32-bit compiled version. Remote attackers can cause a denial-of-service or...

9.8CVSS8.5AI score0.10539EPSS
Exploits3References11
Tenable Nessus
Tenable Nessus
added 2019/09/20 12:0 a.m.47 views

Amazon Linux 2 : oniguruma (ALAS-2019-1288)

A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

9.8CVSS8.1AI score0.04047EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.275 views

EulerOS Virtualization 2.5.3 : glibc (EulerOS-SA-2019-1260)

According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an...

9.8CVSS7AI score0.04731EPSS
Exploits1References2
CNVD
CNVD
added 2019/02/28 12:0 a.m.7 views

Unspecified Vulnerability in GNU C Library (CNVD-2019-22412)

The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. An unspecified vulnerability exists in the 'checkdstlimitscalcpos1' function in the posix/regexec.c file in GNU C Library version 2.29 and earlier. An attacker could exploit this vulnerability to...

7.5CVSS8.9AI score0.02447EPSS
Exploits1References1
Rows per page
Query Builder