96 matches found
CVE-2026-43680
creationtimestamp| type| source ---|---|--- 2026-05-13 01:11:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlp4nxic7a2c...
CVE-2026-43680
A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to bypass a front-end restriction on OS Script schedule types and execute arbitrary operating system commands on the underlying host. This issue is fixed in FileMaker Cloud 2.22.0.5...
Siemens SIMATIC S7-1500 Use After Free (CVE-2022-43680)
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
MAL-2025-43680 Malicious code in bunyan-xanadu-spica-pegasus (npm)
The package bunyan-xanadu-spica-pegasus was found to contain malicious code...
TencentOS Server 3: expat (TSSA-2023:0011)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0011 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0012: expat (ALINUX3-SA-2023:0012)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0012 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-43680: In libexpat through 2.4.9, there is...
Linux Distros Unpatched Vulnerability : CVE-2022-43680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situation...
Fedora 37 : mingw-expat (2022-5f1e2e9016)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-5f1e2e9016 advisory. Update to 2.5.0, fixes CVE-2022-43680. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 37 : mingw-pixman (2022-f3a939e960)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f3a939e960 advisory. Update to 0.42.2, fixes CVE-2022-44638 and CVE-2022-43680. Tenable has extracted the preceding description block directly from the Fedora security...
RHEL 7 : expat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - expat: use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate CVE-2022-436...
K000139525: Libexpat vulnerability CVE-2022-43680
Security Advisory Description In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680 Impact System performance degradation can occur until the process is forced to restart...
RHEL 6 : expat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...
RHEL 8 : expat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 - In libexpat through 2.4....
CentOS 9 : expat-2.5.0-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the expat-2.5.0-1.el9 build changelog. - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memo...
Moderate: Red Hat Security Advisory: expat security update
An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 8 : expat (RHSA-2024:0421)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0421 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: use-after free caused by overeager destruction of a shared DTD in...
Rocky Linux 9 : expat (RLSA-2023:0337)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0337 advisory. - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory...
Oracle HTTP Server (Jul 2023 CPU)
The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the Jul 2023 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Thirdparty LibExpat. The supported version that is affected ...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to libexpat denial of service( CVE-2022-43680)
Summary Potential libexpat denial of service vulnerability CVE-2022-43680 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-43680 DESCRIPTION: libexpat is vulnerable to a denial of...
EulerOS Virtualization 3.0.6.0 : expat (EulerOS-SA-2023-2219)
According to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - In libexpat through 2.4.9,...