Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pcre vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-3217
PCRE 7.8 and 8.32 up to and including 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote malicious users to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_])?)+)+$/.
Pcre Pcre2 10.10
Pcre Pcre 8.33
Pcre Pcre 8.34
Pcre Pcre 8.32
Pcre Pcre 8.37
Pcre Pcre 7.8
Pcre Pcre 8.35
Pcre Pcre 8.36
Ibm Powerkvm 3.1
Ibm Powerkvm 2.1
NA
CVE-2006-7225
Perl-Compatible Regular Expression (PCRE) library prior to 6.7 allows context-dependent malicious users to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character aft...
Perl Pcre 0.91
Perl Pcre 0.98
Perl Pcre 0.99
Perl Pcre 1.07
Perl Pcre 1.08
Perl Pcre 2.05
Perl Pcre 2.06
Perl Pcre 3.4
Perl Pcre 3.5
Perl Pcre 4.3
Perl Pcre 4.4
Perl Pcre 6.4
Perl Pcre 6.5
Perl Pcre 0.96
Perl Pcre 0.97
Perl Pcre 1.05
Perl Pcre 1.06
Perl Pcre 2.03
Perl Pcre 2.04
Perl Pcre 3.2
Perl Pcre 3.3
Perl Pcre 4.1
NA
CVE-2005-2491
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) prior to 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows malicious users to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-base...
Pcre Pcre 5.0
Pcre Pcre 6.0
Pcre Pcre 6.1
NA
CVE-2007-4767
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent malicious users to cause a denial of service (infinite loop or crash) or execute ar...
Pcre Pcre
NA
CVE-2007-4768
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 7.3 allows context-dependent malicious users to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.
Pcre Pcre
NA
CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 6.7 allows context-dependent malicious users to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), whi...
Pcre Pcre
NA
CVE-2006-7230
Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent malicious users to ca...
Pcre Pcre
NA
CVE-2007-1660
Perl-Compatible Regular Expression (PCRE) library prior to 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent malicious users to cause a denial of service (crash) and ...
Pcre Pcre
NA
CVE-2007-1662
Perl-Compatible Regular Expression (PCRE) library prior to 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent malicious users to cause a denial of service (crash), possibly involving forward references.
Pcre Pcre
NA
CVE-2006-7228
Integer overflow in Perl-Compatible Regular Expression (PCRE) library prior to 6.7 might allow context-dependent malicious users to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calcula...
Pcre Pcre
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »