380449 matches found
EUVD-2026-38188
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...
CVE-2026-56410
The vulnerability CVE-2026-56410 affects xmlwf in libexpat prior to 2.8.2, due to an integer overflow in resolveSystemId. Impact is indicated as high for confidentiality and integrity, with low availability impact; attack vector is local and no user interaction is required. Remedy: upgrade to lib...
CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
EUVD-2026-38187
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
CVE-2026-56409
CVE-2026-56409 affects xmlwf in libexpat prior to 2.8.2. An integer overflow occurs in the output filename when -d outputDir is used. The CVSS 3.1 vector (LOCAL, HIGH complexity, NO privileges, user interaction required) indicates a local impact with confidentiality/ integrity impact HIGH and ava...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
EUVD-2026-38186
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
CVE-2026-56408
Vulnerability: libexpat prior to 2.8.2 has an integer overflow in copyString. Root cause: integer overflow in the copyString function. Impact: confidentiality and integrity may be affected with a CVSSv3.1 base score 6.9 (Local attack, high complexity, no user interaction). Remediation: upgrade to...
CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
EUVD-2026-38185
libexpat before 2.8.2 has an integer overflow in copyString...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56407
CVE-2026-56407 affects libexpat prior to 2.8.2, with an integer overflow in doProlog related to storeEntityValue and entity textLen. The NVD entries confirm the issue and describe the vulnerability as an integer overflow in doProlog. The CVE entry indicates a medium base score (CVSS 3.1: AV=L, AC...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
EUVD-2026-38184
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
CVE-2026-56406
CVE-2026-56406 affects libexpat up to version 2.8.1; the root cause is an integer overflow in XML_ParseBuffer due to a missing check that XML_Parse had. The CVSSv3.1 vector indicates Local attack, high complexity, no privileges required, no user interaction, with Confidentiality and Integrity imp...
CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...