332 matches found
SUSE CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
ALPINE-CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
UBUNTU-CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
CVE-2025-58050 PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
CVE-2025-58050
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
CVE-2025-58050
Concrete details confirm CVE-2025-58050 affects PCRE2 10.45, with a heap-buffer-overflow in the regex engine when processing the Scan SubString verb combined with ACCEPT in pcre2_match.c. The issue can cause information disclosure via out-of-bounds reads that may influence final match results. A ...
CVE-2025-58050 PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS
The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:... Scan SubString verb when combined with...
PT-2025-34928
Name of the Vulnerable Software and Affected Versions: PCRE2 library versions prior to 10.46 Description: The PCRE2 library contains a heap-buffer-overflow read vulnerability in the regular expression matching engine. The issue occurs within the handling of the scs:... Scan SubString verb when...
PCRE2: heap-buffer-overflow read in match_ref due to missing boundary restoration in SCS
[email protected] reports: The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the scs:...
Linux Distros Unpatched Vulnerability : CVE-2014-9651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in CHICKEN 4.9.0.x before 4.9.0.2, 4.9.x before 4.9.1, and before 5.0 allows attackers to have unspecified impact via a positive START argument ...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
elysia-cors Origin Validation Error
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
CVE-2025-50864
The CVE-2025-50864 entry describes an Origin Validation Error in the elysia-cors library (through version 1.3.0) that permits unauthorized access to user data. The root cause is improper origin validation: the origin is checked as a substring against any domain in the CORS policy instead of an ex...
PT-2025-34065 · Pypi · @Elysiajs/Cors
Name of the Vulnerable Software and Affected Versions: elysia-cors versions through 1.3.0 Description: An origin validation error in the elysia-cors library allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checkin...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
CVE-2023-53158
The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...