MiracleLinux 8 : thunderbird-102.3.0-4.el8.ML.1 (AXSA:2022-3907:14)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3907:14 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : expat-2.2.5-8.el8.3 (AXSA:2022-3891:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3891:07 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : thunderbird-102.3.0-4.el9.ML.1 (AXSA:2022-4150:23)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4150:23 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : mingw-expat-2.4.8-2.el8 (AXSA:2023-5895:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5895:01 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

RockyLinux 8 : mingw-expat (RLSA-2023:3068)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3068 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the RockyLinux...

TencentOS Server 3: expat (TSSA-2023:0141)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0141 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2023-40674

Malicious code in bioql PyPI...

CVE-2025-40674

Reflected Cross-Site Scripting XSS in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the name of any parameter in /watch/en/about-us. This vulnerability can be exploited to steal sensitive user...

TencentOS Server 3: firefox (TSSA-2022:0175)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0175 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ABB M2M Gateway Use-After-Free in embedded Libexpat (CVE-2022-40674)

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503230;...

CVE-2024-40674

In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Alibaba Cloud Linux 3 : 0043: mingw-expat (ALINUX3-SA-2023:0043)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-40674: libexpat before 2.4.9 has a...

Alibaba Cloud Linux 3 : 0169: expat (ALINUX3-SA-2022:0169)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0169 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-40674: libexpat before 2.4.9 has a...

Linux Distros Unpatched Vulnerability : CVE-2022-40674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus relies on the presence of the package as...

CVE-2024-40674

In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40674

creationtimestamp| type| source ---|---|--- 2025-01-28 19:46:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113907701538509621 2025-01-28 20:16:22+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgtbiwdium27 2025-01-28 22:09:30+00:00| seen|...

CVE-2024-40674

In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40674

In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-40674

CVE-2024-40674 affects Google Android via WifiConfigurationUtil.java (validateSsid). The issue is a logic error that could overflow a system configuration file, causing a local denial of service without requiring privileges or user interaction. Public details consistently reference Android/WifiCo...

RHEL 8 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 - In libexpat through 2.4....