VYPR

Vendor CVEs

Pcre

All CVEs

60 total · sorted by risk
  • CVE-2006-7228Nov 14, 2007
    risk 0.00cvss epss 0.04

    Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation…

  • CVE-2007-4767Nov 7, 2007
    risk 0.00cvss epss 0.05

    Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary…

  • CVE-2007-1662Nov 7, 2007
    risk 0.00cvss epss 0.03

    Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.

  • CVE-2007-1660Nov 7, 2007
    risk 0.00cvss epss 0.04

    Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute…

  • CVE-2007-4768Nov 7, 2007
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

  • CVE-2007-1661Nov 7, 2007
    risk 0.00cvss epss 0.02

    Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as…

  • CVE-2007-1659Nov 7, 2007
    risk 0.00cvss epss 0.04

    Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.

  • CVE-2007-4766Nov 7, 2007
    risk 0.00cvss epss 0.04

    Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.

  • CVE-2005-4872Dec 31, 2005
    risk 0.00cvss epss 0.02

    Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number of named subpatterns, which…

  • CVE-2005-2491Aug 23, 2005
    risk 0.00cvss epss 0.04

    Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based…

Page 2 of 2