Lucene search
+L

2733 matches found

OSV
OSV
added 2026/04/23 10:34 a.m.13 views

CLSA-2026-1776940444 perl-XML-Parser: Fix of CVE-2006-10003

CVE-2006-10003: fix off-by-one heap buffer overflow in stserialstack growth check in Expat/Expat.xs startElement; also backport upstream follow-up 2abd177 to initialize stserialstacksize=1024 after allocation...

9.8CVSS6AI score0.00548EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/22 8:4 p.m.9 views

0xuath-sdk-react (>=0.0.2 <=0.0.23), 1-test-gulp-1 (>=0.0.1 <=0.0.4) +17811 more potentially affected by CVE-2026-41650 via fast-xml-parser (>=2.3.1 <=5.6.0)

fast-xml-parser NPM version =2.3.1, =0.0.2, =0.0.1, =0.0.1, =1.0.0, =1.0.10, =3.1.4, =3.1.6, =0.1.0, =0.0.2, =4.11.2, =2.0.0, =2.6.6 and more Source cves: CVE-2026-41650 Source advisory: OSV:GHSA-GH4J-GQV2-49F6...

6.1CVSS6.2AI score0.00238EPSS
Exploits1
OSV
OSV
added 2026/04/22 8:4 p.m.12 views

GHSA-GH4J-GQV2-49F6 fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters

fast-xml-parser XMLBuilder: Comment and CDATA Injection via Unescaped Delimiters Summary fast-xml-parser XMLBuilder does not escape the -- sequence in comment content or the sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection when user-controlled data...

6.1CVSS5.9AI score0.00238EPSS
Exploits1References4
OSV
OSV
added 2026/04/22 10:11 a.m.7 views

RHSA-2026:9605 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

8.8CVSS5.6AI score0.00604EPSS
Exploits0References17
OSV
OSV
added 2026/04/22 10:11 a.m.7 views

RHSA-2026:9258 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

8.8CVSS5.6AI score0.00604EPSS
Exploits0References17
OSV
OSV
added 2026/04/22 10:11 a.m.6 views

RHSA-2026:9246 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

8.8CVSS5.6AI score0.00604EPSS
Exploits0References17
OSV
OSV
added 2026/04/22 10:11 a.m.6 views

RHSA-2026:9259 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

8.8CVSS5.6AI score0.00604EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/04/22 7:1 a.m.10 views

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.7AI score0.00604EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/22 7:1 a.m.14 views

perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files

A flaw was found in XML::Parser, a Perl module for parsing XML. This vulnerability, an off-by-one heap buffer overflow, occurs when processing an XML file with very deep element nesting. A remote attacker could exploit this by providing a specially crafted XML file, potentially leading to memory...

9.8CVSS5.9AI score0.00548EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

RHEL 9 : perl-XML-Parser (RHSA-2026:9605)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:9605 advisory. This module provides ways to parse XML documents. It is built on top of XML::Parser::Expat, which is a lower level interface to James Clark'...

9.8CVSS5.8AI score0.00604EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.14 views

Amazon Corretto Java 8.x < 8.492.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 8 prior to 8.492.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2026-Apr-21 advisory. - An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/04/21 8:38 p.m.52 views

lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files

Impact Using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Patches lxml 6.1.0 changes the default to resolveentities='internal', thus disallowing local file access by default. Workarounds Setting the resolveentitie...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/04/21 8:38 p.m.3 views

GHSA-VFMQ-68HX-4JFW lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files

Impact Using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Patches lxml 6.1.0 changes the default to resolveentities='internal', thus disallowing local file access by default. Workarounds Setting the resolveentitie...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2026/04/21 8:35 p.m.8 views

CVE-2026-22016

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

7.5CVSS7.3AI score0.00702EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/21 11:41 a.m.11 views

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.7AI score0.00604EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/21 11:41 a.m.8 views

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

9.8CVSS6AI score0.00604EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/21 11:21 a.m.14 views

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

9.8CVSS5.8AI score0.00604EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/21 11:21 a.m.9 views

perl-xml-parser: XML::Parser for Perl: Heap corruption and denial of service from crafted XML input

A flaw was found in XML::Parser for Perl. This vulnerability allows an attacker to cause a heap corruption, which can lead to a denial of service DoS by crashing the application. The issue occurs when the software processes specially crafted XML input, causing an internal buffer to overflow. This...

9.8CVSS6AI score0.00604EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/21 10:18 a.m.7 views

Important: Red Hat Security Advisory: perl-XML-Parser security update

An update for perl-XML-Parser is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

9.8CVSS5.7AI score0.00604EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 10:10 a.m.12 views

RHSA-2026:9110 Red Hat Security Advisory: perl-XML-Parser security update

Bulletin has no description...

8.8CVSS5.6AI score0.00604EPSS
Exploits0References17
Rows per page
Query Builder