Lucene search
K

131 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Ubuntu 16.04 LTS : ITK vulnerabilities (USN-8235-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8235-1 advisory. It was discovered that Expat, vendored in ITK incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute...

9.8CVSS7.6AI score0.34174EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/05/07 3:27 a.m.12 views

USN-8235-1: ITK vulnerabilities

It was discovered that Expat, vendored in ITK incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-25235, CVE-2022-25236...

9.8CVSS7.1AI score0.34174EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : xmlrpc-c-1.51.0-5.el8.1 (AXSA:2022-3167:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3167:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 Tenable has extracted the preceding description block...

9.8CVSS7.9AI score0.04955EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : firefox-91.7.0-3.0.1.el7.AXS7 (AXSA:2022-3096:07)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3096:07 advisory. Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed ...

9.8CVSS8.5AI score0.34174EPSS
Exploits7References11
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-91.7.0-2.el8.ML.1 (AXSA:2022-3104:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3104:04 advisory. Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed ...

9.8CVSS9.2AI score0.34174EPSS
Exploits7References12
Rosalinux
Rosalinux
added 2025/12/02 1:21 p.m.11 views

Advisory ROSA-SA-2025-3108

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

9.8CVSS8.5AI score0.04955EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: xmlrpc-c (TSSA-2022:0035)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0035 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.8CVSS7.4AI score0.04955EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0035: xmlrpc-c (ALINUX3-SA-2022:0035)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-25235: xmltokimpl.c in Expat aka libexpat...

9.8CVSS7.4AI score0.04955EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0021: expat (ALINUX3-SA-2022:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45960: In Expat aka libexpat befo...

9.8CVSS7.4AI score0.34174EPSS
Exploits3References13
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:49 a.m.61 views

Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

9.8CVSS10AI score0.43346EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-25235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

9.8CVSS6.9AI score0.04955EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.32 views

CentOS 9 : expat-2.2.10-10.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the expat-2.2.10-10.el9 build changelog. - malformed 2 CVE-2022-25235 - namespace-separator characters in xmlns:prefix attribute values can lead to arbitrary code execution...

9.8CVSS7.8AI score0.34174EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.28 views

NewStart CGSL MAIN 6.06 : expat Multiple Vulnerabilities (NS-SA-2023-0082)

The remote NewStart CGSL host, running version MAIN 6.06, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...

9.8CVSS7.6AI score0.34174EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.32 views

Rocky Linux 8 : expat (RLSA-2022:0951)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0951 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...

9.8CVSS7.4AI score0.34174EPSS
Exploits3References25
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.39 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : xmltok library vulnerabilities (USN-5455-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5455-1 advisory. Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled...

9.8CVSS8.2AI score0.34174EPSS
Exploits6References16
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.38 views

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation (CVE-2022-25235)

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

9.8CVSS8.2AI score0.04955EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.51 views

Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...

9.8CVSS8AI score0.34174EPSS
Exploits3References24
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.95 views

Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-058 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...

9.8CVSS8.5AI score0.34174EPSS
Exploits4References36
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.50 views

Amazon Linux 2023 : xmlrpc-c, xmlrpc-c-apps, xmlrpc-c-c++ (ALAS2023-2023-068)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-068 advisory. A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML processing application on top of expat can lead to arbitrary code execution. This...

9.8CVSS7.7AI score0.04955EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.110 views

K19473898: Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-25315

Security Advisory Description CVE-2022-23852 Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-25235 xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for...

9.8CVSS8.3AI score0.34174EPSS
Exploits1Affected Software14
Rows per page
Query Builder