Lucene search

998 matches found

RedhatCVE
added 2 days ago, 6 views

CVE-2026-56411

A flaw was found in libexpat, a software library used for parsing XML Extensible Markup Language documents. An attacker could exploit an integer overflow vulnerability in the xmlwf utility by crafting malicious NOTATION declarations. This could lead to the disclosure of sensitive information or...

6.9 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 0, References 4
NVD
added 3 days ago, 9 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9 CVSS, 0.00111 EPSS
Exploits 0, References 1
EUVD
added 3 days ago, 5 views

EUVD-2026-38188

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 0, References 1
ATTACKERKB
added 3 days ago, 4 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 0, References 2
Cvelist
added 3 days ago, 29 views

CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...

6.9 CVSS, 0.00111 EPSS
Exploits 0, References 1
CVE
added 3 days ago, 14 views

CVE-2026-56411

CVE-2026-56411 affects libexpat’s xmlwf binary, with an integer overflow in endDoctypeDecl triggered by NOTATION declarations prior to version 2.8.2. The CVSS metrics indicate a Local attack vector, high confidentiality and integrity impact, and low availability impact, with no user interaction r...

6.9 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 3 days ago, 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-56411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...

6.9 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 0, References 3
Positive Technologies
added 4 days ago, 9 views

PT-2026-51140

Name of the Vulnerable Software and Affected Versions WordPress Time Capsule Plugin version 1.21.16 Description An authentication bypass allows unauthenticated attackers to gain administrative access by sending a crafted POST request containing the IWP JSON PREFIX header. This flaw enables the...

8.7 CVSS, 5.9 AI score, 0.00398 EPSS
Exploits 0, References 7
AstraLinux
added 5 days ago, 8 views

Astra Linux – Vulnerability in libfastjson

JSON-C version 0.14 has an integer overflow issue, and there is a risk of out-of-bounds write operations through a large JSON file, as demonstrated by the printbufmemappend function...

7.8 CVSS, 6.8 AI score, 0.01888 EPSS
Exploits 1, References 2
Chainguard
added 2026/06/16 8:22 p.m., 6 views

CVE-2026-24122 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno-notation-aws-fips...

3.7 CVSS, 5.8 AI score, 0.00197 EPSS
Exploits 2
Chainguard
added 2026/06/16 8:22 p.m., 5 views

GHSA-WFQV-66VQ-46RM vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno-notation-aws-fips...

5.8 AI score
Exploits 0
Wolfi
added 2026/06/16 8:21 p.m., 5 views

CVE-2026-24122 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws...

3.7 CVSS, 5.2 AI score, 0.00197 EPSS
Exploits 2
Wolfi
added 2026/06/16 8:21 p.m., 4 views

GHSA-WFQV-66VQ-46RM vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws...

5.2 AI score
Exploits 0
NVD
added 2026/06/16 10:16 a.m., 6 views

CVE-2026-10825

A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...

7.1 CVSS, 0.0024 EPSS
Exploits 0, References 1
Microsoft CVE
added 2026/06/13 8:6 a.m., 6 views

Heap Buffer Over-read in ASN.1 Content Parsing

...

7.5 CVSS, 5.8 AI score, 0.00513 EPSS
Exploits 0
SUSE CVE
added 2026/06/12 2:43 a.m., 9 views

SUSE CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS. This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

6.3 CVSS, 6.4 AI score, 0.0041 EPSS
Exploits 1, References 4
Positive Technologies
added 2026/06/12 12:0 a.m., 12 views

PT-2026-49006

Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.30.1 Description A prototype pollution issue exists in the apos.util.set function, which traverses dot-notation paths without sanitizing the proto property. This allows an authenticated editor to write arbitra...

9.1 CVSS, 5.4 AI score, 0.00237 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/06/12 12:0 a.m., 9 views

EulerOS Virtualization 2.13.0 : python-pyasn1 (EulerOS-SA-2026-2416)

According to the versions of the python-pyasn1 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS...

7.5 CVSS, 5.4 AI score, 0.0058 EPSS
Exploits 1, References 3
Packet Storm News
added 2026/06/11 12:0 a.m., 8 views

ASN.1-Compliant CLDAP Validator

This Metasploit module implements a production-grade CLDAP LDAP over UDP validator that strictly follows ASN.1 BER encoding rules. It builds compliant LDAP search requests for Netlogon verification using carefully structured BER encoders for integers, strings, sequences, and filters. It can be us...

9.8 CVSS, 5.3 AI score, 0.72253 EPSS
Exploits 31
CNNVD
added 2026/06/09 12:0 a.m., 11 views

OpenSSL Buffer Error Vulnerability

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

8.1 CVSS, 5.9 AI score, 0.00358 EPSS
Exploits 0, References 1