ROOT-OS-UBUNTU-2404-CVE-2026-46143 CVE-2026-46143 in rootio-linux - Patched by Root

Root has patched CVE-2026-46143 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

BELL-CVE-2026-46143

Bulletin has no description...

DEBIAN-CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017360 advisory. In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. Tenable has extracted the preceding description block direct...

MiracleLinux 8 : xmlrpc-c-1.51.0-8.el8 (AXSA:2022-4217:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4217:04 advisory. expat: Integer overflow in doProlog in xmlparse.c CVE-2021-46143 expat: Integer overflow in addBinding in xmlparse.c CVE-2022-22822 expat: Integer...

Ubuntu: Security Advisory (USN-7913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2025-3108

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

CVE-2023-46143

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC...

CVE-2022-46143

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data...

Alibaba Cloud Linux 3 : 0021: expat (ALINUX3-SA-2022:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45960: In Expat aka libexpat befo...

Linux Distros Unpatched Vulnerability : CVE-2021-46143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. CVE-2021-46143 Note that Nessus relies on the presence ...

Amazon Linux 2022 : expat, expat-devel, expat-static (ALAS2022-2022-017)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-017 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...

Multiple Vulnerabilities within libexpat (CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22825, CVE-2022-23990)

Summary CVE-2018-20843 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. Base CVSS score: 7.5...

RHEL 6 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...

CentOS 9 : expat-2.2.10-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the expat-2.2.10-9.el9 build changelog. - Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - Integer overflow in doProlog in xmlparse.c...

NewStart CGSL MAIN 6.06 : expat Multiple Vulnerabilities (NS-SA-2023-0082)

The remote NewStart CGSL host, running version MAIN 6.06, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...

CVE-2023-46143

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC...

CVE-2023-46143

CVE-2023-46143 affects PHOENIX CONTACT classic line PLCs. The vulnerability stems from inadequate integrity checks when downloading code, allowing an unauthenticated remote attacker to modify some or all PLC applications. Exploitation status is not detailed in the provided sources. Related docume...

CVE-2023-46143 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC...

Rocky Linux 8 : expat (RLSA-2022:0951)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0951 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...