Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pcre vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1662
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent malicious users to cause a denial of service (crash), possibly involving forward references.
Pcre Pcre
NA
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 6.7 allows context-dependent malicious users to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), whi...
Pcre Pcre
NA
CVE-2006-7230
Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent malicious users to ca...
Pcre Pcre
NA
CVE-2006-7228
Integer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 6.7 might allow context-dependent malicious users to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calcula...
Pcre Pcre
5.5
CVSSv3
CVE-2017-7244
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote malicious users to cause a denial of service (invalid memory read) via a crafted file.
Pcre Pcre 8.40
7.8
CVSSv3
CVE-2017-7245
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote malicious users to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.
Pcre Pcre 8.40
7.3
CVSSv3
CVE-2014-9769
pcre_jit_compile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote malicious users to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a crafted string, as demonstrated by packets...
Pcre Pcre 8.35
7.5
CVSSv3
CVE-2017-11164
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
Pcre Pcre 8.41
1 Github repository
5.5
CVSSv3
CVE-2017-16231
In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount ...
Pcre Pcre 8.41
1 Github repository
7.8
CVSSv3
CVE-2017-7246
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote malicious users to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.
Pcre Pcre 8.40
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »