Lucene search
+L

287 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

AlmaLinux 8 : mingw-fontconfig (ALSA-2026:3407)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3407 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 Tenable has...

7.5CVSS5.9AI score0.01279EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.4 views

RHEL 8 : mingw-fontconfig (RHSA-2026:3407)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3407 advisory. MinGW Windows Fontconfig library. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small...

7.5CVSS7.2AI score0.01279EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

EulerOS 2.0 SP10 : expat (EulerOS-SA-2026-1045)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for...

7.5CVSS6.4AI score0.01279EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

EulerOS 2.0 SP10 : expat (EulerOS-SA-2026-1024)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for...

7.5CVSS6.4AI score0.01279EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2026-1045)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01279EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.6 views

CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/01/13 3:29 p.m.28 views

CVE-2025-68802 drm/xe: Limit num_syncs to prevent oversized allocations

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...

0.00166EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 8 : mingw-expat-2.5.0-1.el8_10 (AXSA:2025-11436:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11436:01 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375...

7.5CVSS6AI score0.01279EPSS
Exploits1References2
OSV
OSV
added 2026/01/13 12:0 a.m.3 views

ALSA-2026:0525 Moderate: postgresql16 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

5.9CVSS5.6AI score0.00332EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.7 views

RHEL 8 : spice-client-win (RHSA-2026:0076)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0076 advisory. Spice client MSI installers for Windows clients Security Fixes: sqlite: Integer Truncation in SQLite CVE-2025-6965 libtiff: LibTIFF...

8.8CVSS6.6AI score0.73495EPSS
Exploits5References10
RedHat Linux
RedHat Linux
added 2026/01/05 6:1 p.m.8 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

8.8CVSS6.7AI score0.73495EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2026/01/05 5:40 p.m.3 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/01/05 12:51 a.m.10 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.8CVSS6.7AI score0.73495EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2026/01/05 12:51 a.m.4 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

EulerOS Virtualization 2.13.1 : expat (EulerOS-SA-2025-2622)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted fo...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/24 10:55 a.m.26 views

CVE-2023-54013 interconnect: Fix locking for runpm vs reclaim

In the Linux kernel, the following vulnerability has been resolved: interconnect: Fix locking for runpm vs reclaim For cases where iccbwset can be called in callbaths that could deadlock against shrinker/reclaim, such as runpm resume, we need to decouple the icc locking. Introduce a new iccbwlock...

0.00163EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/12/16 12:23 a.m.5 views

SUSE CVE-2025-66564

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...

7.5CVSS6.8AI score0.00411EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.2 views

EulerOS 2.0 SP13 : expat (EulerOS-SA-2025-2499)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for...

7.5CVSS6.4AI score0.01279EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/12/09 8:32 a.m.16 views

Important: Red Hat Security Advisory: expat security update

An update for expat is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS7.4AI score0.20093EPSS
Exploits8References19
RedHat Linux
RedHat Linux
added 2025/12/09 8:32 a.m.3 views

firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing

A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input 250 KiB can cause the parser to allocate hundreds of megabytes, leading to denial-of-service DoS through memory exhaustion...

7.5CVSS6.3AI score0.01279EPSS
Exploits1References6
Rows per page
Query Builder