Lucene search
K

2726 matches found

Fedora
Fedora
added 2026/07/06 3:10 p.m.7 views

[SECURITY] Fedora 43 Update: mingw-expat-2.8.2-1.fc43

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

6.9CVSS6AI score0.00218EPSS
Exploits0
Fedora
Fedora
added 2026/07/06 2:55 p.m.7 views

[SECURITY] Fedora 44 Update: mingw-expat-2.8.2-1.fc44

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

6.9CVSS6AI score0.00218EPSS
Exploits0
OSV
OSV
added 2026/07/02 2:13 p.m.2 views

PYSEC-2026-718 NULL Pointer Dereference in OpenCV.

An issue was discovered in OpenCV before 4.1.1 OpenCV-Python before 4.1.1.26. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...

7.5CVSS6AI score0.0337EPSS
Exploits1References7
OSV
OSV
added 2026/06/30 7:39 a.m.7 views

ROOT-APP-NPM-CVE-2026-33349 CVE-2026-33349 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-33349 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

5.9CVSS5.8AI score0.00449EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.8 views

ROOT-APP-NPM-CVE-2026-27942 CVE-2026-27942 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-27942 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00478EPSS
Exploits0
OSV
OSV
added 2026/06/30 7:39 a.m.12 views

ROOT-APP-NPM-CVE-2026-26278 CVE-2026-26278 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-26278 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.5AI score0.00811EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.11 views

ROOT-APP-NPM-CVE-2026-41650 CVE-2026-41650 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-41650 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

6.1CVSS5.8AI score0.00238EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.6 views

ROOT-APP-NPM-CVE-2026-33036 CVE-2026-33036 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-33036 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

7.5CVSS5.9AI score0.00576EPSS
Exploits1
OSV
OSV
added 2026/06/30 7:39 a.m.11 views

ROOT-APP-NPM-CVE-2026-25896 CVE-2026-25896 in @rootio/fast-xml-parser - Patched by Root

Root has patched CVE-2026-25896 in the @rootio/fast-xml-parser package for Root:npm. Multiple fixed versions available...

9.3CVSS5.3AI score0.00445EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:12 p.m.8 views

CVE-2026-12975

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission or unauthenticated when the registry runs with default...

8.5CVSS5.8AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 7:15 p.m.10 views

CVE-2026-44020

A flaw was found in docling. An attacker could exploit an XML External Entity XXE vulnerability in the USPTO patent XML parser by crafting malicious XML files. This could allow the attacker to read arbitrary files from the server's filesystem, perform Server-Side Request Forgery SSRF attacks, or...

9.4CVSS5.9AI score0.00334EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 6:17 p.m.10 views

CVE-2026-44020

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could...

9.4CVSS0.00334EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57303

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

7.1CVSS5.9AI score0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 1:20 p.m.7 views

EUVD-2026-38784

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

7.1CVSS5.9AI score0.00224EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 11:53 a.m.11 views

Security Bulletin: Security Vulnerabilities were found in IBM Security Verify Directory (CVE-2018-2799)

Summary Security Vulnerabilities were addressed in IBM Security Verify Directory Vulnerability Details CVEID:CVE-2018-2799 DESCRIPTION: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171,...

5.3CVSS6.3AI score0.15141EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:47 p.m.3 views

Security Bulletin: Vulnerability in fast-xml-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in fast-xml-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

7.5CVSS5.8AI score0.00811EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:11 p.m.5 views

Security Bulletin: Vulnerability in fast-xml-parser affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in fast-xml-parser has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

7.5CVSS7.1AI score0.00478EPSS
Exploits0Affected Software2
Cvelist
Cvelist
added 2026/06/21 3:43 p.m.37 views

CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS0.00102EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 9:16 a.m.12 views

CVE-2026-12788

A vulnerability was determined in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affects unknown code of the file /adpweb/a/base/barcodeDetail/import of the component XML Parser. This manipulation causes xml external entity reference. It is possible to...

6.5CVSS0.00237EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 7:45 a.m.36 views

CVE-2026-12788 zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 XML Parser import xml external entity reference

A vulnerability was determined in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affects unknown code of the file /adpweb/a/base/barcodeDetail/import of the component XML Parser. This manipulation causes xml external entity reference. It is possible to...

6.5CVSS0.00237EPSS
Exploits0References5
Rows per page
Query Builder