CVE-2015-8391
- EPSS 6.4%
- Veröffentlicht 02.12.2015 01:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as...
CVE-2015-8390
- EPSS 4.62%
- Veröffentlicht 02.12.2015 01:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstra...
CVE-2015-8389
- EPSS 3.89%
- Veröffentlicht 02.12.2015 01:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated ...
CVE-2015-8387
- EPSS 3.64%
- Veröffentlicht 02.12.2015 01:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrate...
CVE-2015-8386
- EPSS 7.06%
- Veröffentlicht 02.12.2015 01:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expr...
CVE-2015-8383
- EPSS 6.08%
- Veröffentlicht 02.12.2015 01:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript ...
CVE-2015-8380
- EPSS 4.44%
- Veröffentlicht 02.12.2015 01:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regul...
CVE-2015-7496
- EPSS 0.41%
- Veröffentlicht 24.11.2015 20:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
CVE-2015-0856
- EPSS 0.41%
- Veröffentlicht 24.11.2015 20:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
CVE-2015-8126
- EPSS 10.34%
- Veröffentlicht 13.11.2015 03:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a den...