Lucene search
K

26 matches found

CVE
CVE
added 2026/06/21 3:48 p.m.26 views

CVE-2026-56406

CVE-2026-56406 affects libexpat up to version 2.8.1; the root cause is an integer overflow in XML_ParseBuffer due to a missing check that XML_Parse had. The CVSSv3.1 vector indicates Local attack, high complexity, no privileges required, no user interaction, with Confidentiality and Integrity imp...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/21 3:48 p.m.8 views

EUVD-2026-38183

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/21 3:48 p.m.4 views

CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS5.9AI score0.00102EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-56406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse. CVE-2026-56406 Note that Nessus relies o...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References4
OSV
OSV
added 2026/01/06 4:10 p.m.1 views

SUSE-SU-2026:0044-1 Security update for mozjs60

This update for mozjs60 fixes the following issues: - CVE-2024-45492: embedded expat: detect integer overflow in function nextScaffoldPart bsc1230038 - CVE-2024-45491: embedded expat: detect integer overflow in dtdCopy bsc1230037 - CVE-2024-45490: embedded expat: reject negative len for...

9.8CVSS8.2AI score0.01686EPSS
Exploits0References9
Amazon
Amazon
added 2025/01/09 12:0 a.m.42 views

Important: expat

Issue Overview: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2025-1953 to update your system. New Packages: i686: ...

9.8CVSS7.7AI score0.01686EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-2903)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.01686EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for xmlrpc-c (EulerOS-SA-2024-2919)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.8AI score0.01686EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2024-0338)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.01686EPSS
Exploits0References4
Mageia
Mageia
added 2024/10/27 2:37 a.m.29 views

Updated mozjs78 packages fix security vulnerabilities

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

9.8CVSS7.4AI score0.01686EPSS
Exploits0References2
OSV
OSV
added 2024/10/09 6:17 a.m.16 views

SUSE-SU-2024:3554-1 Security update for mozjs78

This update for mozjs78 fixes the following issues: - CVE-2024-45490: Fixed negative len for XMLParseBuffer in embedded expat bnc1230036 - CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat bnc1230037 - CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in embedd...

9.8CVSS8.6AI score0.01686EPSS
Exploits0References7
OSV
OSV
added 2024/10/07 12:16 p.m.16 views

SUSE-SU-2024:3538-1 Security update for mozjs115

This update for mozjs115 fixes the following issues: - CVE-2024-45490: Fixed negative len for XMLParseBuffer in embedded expat bnc1230036 - CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat bnc1230037 - CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in...

9.8CVSS8.6AI score0.01686EPSS
Exploits0References7
OSV
OSV
added 2024/10/03 11:33 a.m.15 views

SUSE-SU-2024:3515-1 Security update for expat

This update for expat fixes the following issues: - CVE-2024-45492: integer overflow in function nextScaffoldPart. bsc1229932 - CVE-2024-45491: integer overflow in dtdCopy. bsc1229931 - CVE-2024-45490: negative length for XMLParseBuffer not rejected. bsc1229930...

9.8CVSS8.6AI score0.01686EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/09/14 12:0 a.m.48 views

CBL Mariner 2.0 Security Update: expat / python3 (CVE-2024-45490)

The version of expat / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45490 advisory. - An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for...

9.8CVSS6.9AI score0.01686EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/13 12:0 a.m.21 views

SUSE SLED15: expat / libexpat-devel / libexpat-devel-32bit / libexpat1 / etc (SUSE-SU-2024:3216-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3216-1 advisory. - CVE-2024-45492: integer overflow in function nextScaffoldPart. bsc1229932 - CVE-2024-45491:...

9.8CVSS7.2AI score0.01686EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2024/09/13 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:3216-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.01686EPSS
Exploits0References6
Mageia
Mageia
added 2024/09/11 8:42 p.m.28 views

Updated expat packages fix security vulnerabilities

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

9.8CVSS7.6AI score0.01686EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.26 views

SUSE SLES12 Security Update : expat (SUSE-SU-2024:3182-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3182-1 advisory. - CVE-2024-45492: Detect integer overflow in function nextScaffoldPart. bsc1229932 - CVE-2024-45491: Detect integer overflow in...

9.8CVSS7.4AI score0.01686EPSS
Exploits0References10
OSV
OSV
added 2024/09/09 2:41 p.m.17 views

SUSE-SU-2024:3182-1 Security update for expat

This update for expat fixes the following issues: - CVE-2024-45492: Detect integer overflow in function nextScaffoldPart. bsc1229932 - CVE-2024-45491: Detect integer overflow in dtdCopy. bsc1229931 - CVE-2024-45490: Reject negative len for XMLParseBuffer. bsc1229930...

9.8CVSS8.6AI score0.01686EPSS
Exploits0References7
OSV
OSV
added 2024/09/06 11:9 a.m.5 views

OESA-2024-2102 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for...

9.8CVSS7.1AI score0.01686EPSS
Exploits0References2
Rows per page
Query Builder