Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pcre pcre vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-41362
MyBB prior to 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP.
Mybb Mybb
1 Github repository
7.5
CVSSv3
CVE-2022-41409
Integer overflow vulnerability in pcre2test prior to 10.41 allows malicious users to cause a denial of service or other unspecified impacts via negative input.
Pcre Pcre2
9.1
CVSSv3
CVE-2022-1586
An out-of-bounds read vulnerability exists in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully...
Pcre Pcre2
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
9.1
CVSSv3
CVE-2022-1587
An out-of-bounds read vulnerability exists in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
Pcre Pcre2
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
8.1
CVSSv3
CVE-2019-3556
HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter whi...
Facebook Hhvm
Facebook Hhvm 4.79.0
Facebook Hhvm 4.80.0
Facebook Hhvm 4.81.0
Facebook Hhvm 4.82.0
Facebook Hhvm 4.83.0
7.5
CVSSv3
CVE-2021-20212
A flaw was found in Privoxy in versions prior to 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.
Privoxy Privoxy
7.5
CVSSv3
CVE-2021-20276
A flaw was found in privoxy prior to 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service.
Privoxy Privoxy
Debian Debian Linux 9.0
5.3
CVSSv3
CVE-2020-14155
libpcre in PCRE prior to 8.44 allows an integer overflow via a large number after a (?C substring.
Pcre Pcre
Apple Macos
Gitlab Gitlab
Oracle Communications Cloud Native Core Policy 1.15.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Active Iq Unified Manager -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
7.5
CVSSv3
CVE-2019-20838
libpcre in PCRE prior to 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
Pcre Pcre
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.5
CVSSv3
CVE-2019-20454
An out-of-bounds read exists in PCRE prior to 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an malicious user to crash t...
Pcre Pcre2
Fedoraproject Fedora 31
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »