Max CVSS | 9.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-8391 | 9.0 |
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8394 | 7.5 |
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8386 | 7.5 |
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expr
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8390 | 7.5 |
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstra
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8389 | 7.5 |
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8383 | 7.5 |
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8393 | 5.0 |
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2015-8387 | 7.5 |
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrate
|
16-02-2023 - 14:15 | 02-12-2015 - 01:59 | |
CVE-2014-8964 | 5.0 |
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
|
04-08-2022 - 19:58 | 16-12-2014 - 18:59 | |
CVE-2016-1283 | 7.5 |
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgrou
|
20-07-2022 - 16:58 | 03-01-2016 - 00:59 | |
CVE-2015-8388 | 7.5 |
PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via
|
27-12-2019 - 16:08 | 02-12-2015 - 01:59 | |
CVE-2015-8385 | 7.5 |
PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted
|
27-12-2019 - 16:08 | 02-12-2015 - 01:59 | |
CVE-2015-5073 | 6.4 |
Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 allows remote attackers to cause a denial of service (crash) or obtain sensitive information from heap memory and possibly bypass the ASLR protection me
|
18-05-2018 - 01:29 | 13-12-2016 - 16:59 | |
CVE-2015-8395 | 7.5 |
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konque
|
05-01-2018 - 02:30 | 02-12-2015 - 01:59 | |
CVE-2015-8384 | 7.5 |
PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a
|
05-01-2018 - 02:30 | 02-12-2015 - 01:59 | |
CVE-2015-8392 | 7.5 |
PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as d
|
05-01-2018 - 02:30 | 02-12-2015 - 01:59 | |
CVE-2015-8381 | 7.5 |
The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak
|
05-01-2018 - 02:30 | 02-12-2015 - 01:59 | |
CVE-2015-8380 | 7.5 |
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regul
|
01-07-2017 - 01:29 | 02-12-2015 - 01:59 |