Skip to main content
CVE-2015-8386 CRITICAL Act Now

PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Perl Compatible Regular Expression Library Fedora Linux +1
NVD
CVSS 3.1
9.8
EPSS
7.5%
CVE-2015-8391 CRITICAL Act Now

The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Pcre Linux Fedora +7
NVD
CVSS 3.1
9.8
EPSS
6.4%
CVE-2015-8390 CRITICAL Act Now

PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Perl Compatible Regular Expression Library Fedora PHP
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2015-8389 CRITICAL Act Now

{100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Perl Compatible Regular Expression Library Fedora PHP
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2015-8383 CRITICAL Act Now

PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Perl Compatible Regular Expression Library Fedora PHP
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2015-8394 CRITICAL Act Now

PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Perl Compatible Regular Expression Library PHP
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2015-8024 CRITICAL Act Now

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Mcafee Enterprise Security Manager
NVD
CVSS 2.0
9.3
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy