Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pcre pcre vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-13846
An issue exists in certain Apple products. macOS prior to 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions prior to 8.40 allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impa...
Apple Mac Os X
9.3
CVSSv2
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of service (memo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Desktop 7.0
9.3
CVSSv2
CVE-2007-3944
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone prior to 1.0.1, allow remote malicious users to execute arbitrary code via certain JavaScript r...
Apple Webkit
Apple Iphone Os
Apple Safari 3.0
7.8
CVSSv2
CVE-2021-20212
A flaw was found in Privoxy in versions prior to 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.
Privoxy Privoxy
7.8
CVSSv2
CVE-2017-11164
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
Pcre Pcre 8.41
1 Github repository
7.8
CVSSv2
CVE-2014-8325
The Calendar Base (cal) extension prior to 1.5.9 and 1.6.x prior to 1.6.1 for TYPO3 allows remote malicious users to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.
Calender Base Project Calender Base 1.5.0
Calender Base Project Calender Base 1.5.1
Calender Base Project Calender Base 1.5.2
Calender Base Project Calender Base 1.5.4
Calender Base Project Calender Base 1.5.6
Calender Base Project Calender Base 1.5.7
Calender Base Project Calender Base
Calender Base Project Calender Base 1.6.0
Calender Base Project Calender Base 1.5.3
Calender Base Project Calender Base 1.5.5
7.5
CVSSv2
CVE-2017-8786
pcre2test.c in PCRE2 10.23 allows remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression.
Pcre Pcre2 10.23
7.5
CVSSv2
CVE-2017-8399
PCRE2 prior to 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2_match.c, related to a "pattern with very many captures."
Pcre Pcre2
7.5
CVSSv2
CVE-2014-9769
pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote malicious users to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets...
Pcre Pcre 8.35
7.5
CVSSv2
CVE-2015-2328
PCRE prior to 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote malicious users to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrat...
Oracle Linux 7
Pcre Pcre
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »