
61 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in c3p0

C3P0 versions less than 0.9.5.4 may be exploited by a “billion laughs attack” when loading XML configuration, due to the lack of protections against recursive entity expansion during the loading of configuration files...

CVSS 7.5 | AI score 6.7 | EPSS 0.05651
Exploits 1 | References 2

CVE
added 2026/04/16 8:12 a.m. | 4 views

CVE-2024-2374

The CVE-2024-2374 entry describes an XML External Entity (XXE) issue in the XML parsers of multiple WSO2 products, where user-supplied XML data is not configured to disable external-resource resolution. This allows an attacker to read files from the file system and access limited HTTP resources r...

CVSS 9.1 | AI score 5.7 | EPSS 0.00016
Exploits 0 | References 1 | Affected Software 1

Broadcom
added 2026/01/27 12:0 a.m. | 11 views

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time...

CVSS 5.5 | AI score 7.4 | EPSS 0.00022
Exploits 0

OSV
added 2025/11/24 11:22 p.m. | 2 views

CLSA-2025-1764026530 qt5-qtbase: Fix of CVE-2023-38197

CVE-2023-38197: fix infinite loops in recursive entity expansion...

CVSS 7.5 | AI score 7.1 | EPSS 0.00051
Exploits 0 | References 1

OSV
added 2025/11/14 12:39 p.m. | 2 views

OESA-2025-2673 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...

CVSS 7.5 | AI score 6.9 | EPSS 0.00803
Exploits 0 | References 2

OSV
added 2025/10/31 2:13 p.m. | 1 views

OESA-2025-2565 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...

CVSS 7.5 | AI score 7 | EPSS 0.00803
Exploits 0 | References 2

OSV
added 2025/10/31 2:13 p.m. | 1 views

OESA-2025-2564 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML...

CVSS 7.5 | AI score 7 | EPSS 0.00803
Exploits 0 | References 2

OSV
added 2025/10/14 3:35 p.m. | 2 views

JLSEC-2025-59 libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time...

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time...

CVSS 5.5 | AI score 7 | EPSS 0.00022
Exploits 0 | References 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-0409

Malware in sbrugna...

CVSS 7.5 | AI score 7 | EPSS 0.05651
Exploits 1 | References 16

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-42019

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7 | EPSS 0.00051
Exploits 0 | References 9

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-54057

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.9 | EPSS 0.00803
Exploits 0 | References 25

Tenable Nessus
added 2025/08/27 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-0217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given...

CVSS 7.5 | AI score 7.1 | EPSS 0.00411
Exploits 1 | References 2

Tenable Nessus
added 2025/07/25 12:0 a.m. | 2 views

NewStart CGSL MAIN 7.02 : python-qt5 Multiple Vulnerabilities (NS-SA-2025-0154)

The remote NewStart CGSL host, running version MAIN 7.02, has python-qt5 packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansio...

CVSS 7.5 | AI score 7.1 | EPSS 0.00261
Exploits 1 | References 5

Amazon
added 2025/06/12 12:0 a.m. | 3 views

Medium: qt

Issue Overview: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. CVE-2023-38197 Affected Packages: qt Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this F...

CVSS 7.5 | AI score 7 | EPSS 0.00051
Exploits 0

Tenable Nessus
added 2025/06/12 12:0 a.m. | 3 views

Amazon Linux 2 : qt (ALAS-2025-2890)

The version of qt installed on the remote host is prior to 4.8.5-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2890 advisory. An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in...

CVSS 7.5 | AI score 7.1 | EPSS 0.00051
Exploits 0 | References 4

OSV
added 2025/04/24 9:32 p.m. | 2 views

CLSA-2025-1745530363 expat: Fix of CVE-2024-8176

CVE-2024-8176: fix stack overflow vulnerability in the libexpat library due to the way it handles recursive entity expansion in XML documents...

CVSS 7.5 | AI score 7 | EPSS 0.00803
Exploits 0 | References 1

NVD
added 2025/03/14 9:15 a.m. | 11 views

CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVSS 7.5 | EPSS 0.00803
Exploits 0 | References 39

OSV
added 2025/03/14 9:15 a.m. | 1 views

ALPINE-CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVSS 7.5 | AI score 7 | EPSS 0.00803
Exploits 0 | References 1

OSV
added 2025/03/14 9:15 a.m. | 0 views

UBUNTU-CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVSS 7.5 | AI score 6.7 | EPSS 0.00803
Exploits 0 | References 5

Tenable Nessus
added 2024/12/02 12:0 a.m. | 17 views

F5 Networks BIG-IP : Qt vulnerabilities (K000148809)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the K000148809 advisory. CVE-2023-38197 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x...

CVSS 7.5 | AI score 6.9 | EPSS 0.00261
Exploits 1 | References 3