CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2011-1951 – Gentoo Linux Security Advisory 201412-09
https://notcve.org/view.php?id=CVE-2011-1951
11 Jul 2011 — lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via a message that does not match a regular expression. lib/logmatcher.c en Balabit syslog-ng anterior a v3.2.4, cuando la bandera global está habilitada y cuando usa PCRE v8.12 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio(consumo de memoria) a través d... • http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git%3Ba=commit%3Bh=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 3%CPEs: 11EXPL: 1CVE-2008-2371
https://notcve.org/view.php?id=CVE-2008-2371
07 Jul 2008 — Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. Desbordamiento de búfer basado en montículo en pcre_compile.c en la biblioteca Perl-Compatible Regular Expression (PCRE) 7.7, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída)... • http://bugs.gentoo.org/show_bug.cgi?id=228091 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 23%CPEs: 1EXPL: 0CVE-2008-0674
https://notcve.org/view.php?id=CVE-2008-0674
18 Feb 2008 — Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255. Desbordamiento de búfer en PCRE antes de 7.6 permite a atacantes remotos ejecutar código de su elección a través de una expresión regular que contiene un carácter class con un número grande de caracteres con puntos de código Unicode mayores de 255. • http://ftp.gnome.org/pub/gnome/sources/glib/2.14/glib-2.14.6.news • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 52EXPL: 0CVE-2006-7225 – pcre miscalculation of memory requirements for malformed Posix character class
https://notcve.org/view.php?id=CVE-2006-7225
03 Dec 2007 — Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence. La biblioteca Perl-Compatible Regular Expression (PCRE) versiones anteriores a 6.7 permite a atacantes locales o remotos dependientes del contexto provocar una denegación de servicio (error o caída) mediante una expresión regular qu... • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7230 – pcre miscalculation of memory requirements if options are changed during pattern compilation
https://notcve.org/view.php?id=CVE-2006-7230
15 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.0 no calcula adecuadamente la cantidad de memoria necesaria para un patrón de expresión regula... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7227 – pcre integer overflow
https://notcve.org/view.php?id=CVE-2006-7227
14 Nov 2007 — Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split. Desbordamiento de entero en la librería Perl-Compatible Regular Expression (PCRE) anterior a 6.7 permite a a... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2006-7228 – pcre integer overflow
https://notcve.org/view.php?id=CVE-2006-7228
14 Nov 2007 — Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split. Desbordamiento de entero en librería Perl-Compatible Regu... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1659 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1659
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.3 permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de patrones regex que contienen sec... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1660 – pcre regular expression flaws
https://notcve.org/view.php?id=CVE-2007-1660
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code. La biblioteca Perl-Compatible Regular Expression (PCRE) anterior a la versión 7.0 no calcula apropiadamente los tamaños de las "multiple forms of character class" no especificadas, lo que desencadena un desbordamiento... • http://bugs.gentoo.org/show_bug.cgi?id=198976 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-1662
https://notcve.org/view.php?id=CVE-2007-1662
07 Nov 2007 — Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 lee más allá del final de una cadena cuando busca corchetes no coincidentes y paréntesis, lo cual permite a atacantes locales o remotos (dependiendo del contexto) provocar una ... • http://bugs.gentoo.org/show_bug.cgi?id=198976 •