| Max CVSS | 9.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-8391 | 9.0 |
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
| CVE-2015-8386 | 7.5 |
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expr
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
| CVE-2015-8388 | 7.5 |
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via
|
27-12-2019 - 16:08 | 02-12-2015 - 01:59 | |
| CVE-2015-8385 | 7.5 |
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted
|
27-12-2019 - 16:08 | 02-12-2015 - 01:59 | |
| CVE-2015-2328 | 7.5 |
PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular exp
|
27-12-2019 - 16:08 | 02-12-2015 - 01:59 | |
| CVE-2015-5073 | 6.4 |
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection me
|
18-05-2018 - 01:29 | 13-12-2016 - 16:59 | |
| CVE-2015-3217 | 5.0 |
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_]
|
18-05-2018 - 01:29 | 13-12-2016 - 16:59 | |
| CVE-2016-3191 | 7.5 |
The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arb
|
05-01-2018 - 02:30 | 17-03-2016 - 23:59 | |
| CVE-2015-2327 | 7.5 |
PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other i
|
05-01-2018 - 02:30 | 02-12-2015 - 01:59 |