57 matches found
The vulnerability of the vim_regexec_string() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the vimregexecstring function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2019-9169. Heap-based buffer over-read in the GNU C Library. (BSA-2022-776)
Security Advisory ID: BSA-2022-776 Component: GNU C Library Revision: 2.0 In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Notes: Brocade PSIRT has confirmed that...
OESA-2022-1668 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
PT-2022-5602 · Vim +7 · Vim +7
Name of the Vulnerable Software and Affected Versions: Vim versions prior to 8.2.4959 Description: The issue is related to a NULL pointer dereference error in the vim regexec string function of the Vim text editor. Exploitation of this issue may allow an attacker to impact the confidentiality,...
CVE-2022-1674
NULL Pointer Dereference in function vimregexecstring at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vimregexecstring at regexp.c:2733 allows attackers to cause a denial of service application crash via a crafted input...
AZL-9704 CVE-2022-1620 affecting package vim for versions less than 8.2.4925-1
NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 allows attackers to cause a denial of service application crash via a crafted input...
CVE-2022-1620
NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vimregexecstring at regexp.c:2729 allows attackers to cause a denial of service application crash via a crafted input...
Vim 代码问题漏洞
Vim is a cross-platform text editor. A code issue vulnerability exists in Vim versions prior to 8.2 that stems from a NULL pointer dereference in the vimregexecstring function in regexp.c:2729. An attacker could exploit this vulnerability to cause a denial of service application crash via special...
Arbitrary Code Execution
glibc is vulnerable to arbitrary code execution. A heap-based buffer over-read in proceednextnode in posix/regexec.c allows an attacker to execute arbitrary code on the host OS via an attempted case-insensitive regular-expression match...
glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
oniguruma: NULL pointer dereference in match_at() in regexec.c
A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust...
oniguruma: NULL pointer dereference in match_at() in regexec.c
A NULL Pointer Dereference in matchat in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust...
oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
A vulnerability was found in Oniguruma, where improper bounds checking in strlowercasematch within regexec.c can cause a heap-based buffer overflow, a remote attacker could exploit this flaw to crash the application or, in certain scenarios, execute arbitrary code. This occurs when the applicatio...
In the GNU C Library (aka glibc or libc6) through 2.29 proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
...
In the GNU C Library (aka glibc or libc6) through 2.29 check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
...
DEBIAN-CVE-2019-19246
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c...
CVE-2019-19012
An integer overflow in the searchinrange function in regexec.c in Oniguruma 6.x before 6.9.4rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. This only affects the 32-bit compiled version. Remote attackers can cause a denial-of-service or...
Amazon Linux 2 : oniguruma (ALAS-2019-1288)
A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...
EulerOS Virtualization 2.5.3 : glibc (EulerOS-SA-2019-1260)
According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an...
Unspecified Vulnerability in GNU C Library (CNVD-2019-22412)
The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. An unspecified vulnerability exists in the 'checkdstlimitscalcpos1' function in the posix/regexec.c file in GNU C Library version 2.29 and earlier. An attacker could exploit this vulnerability to...