Lucene search
K

147 matches found

NVD
NVD
added 2022/01/10 2:12 p.m.14 views

CVE-2022-22825

lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS0.02614EPSS
Exploits0References6
OSV
OSV
added 2022/01/10 2:12 p.m.3 views

DEBIAN-CVE-2022-22825

lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS7.4AI score0.02614EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:12 p.m.3 views

ALPINE-CVE-2022-22823

buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7.1AI score0.03376EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/01/10 2:12 p.m.56 views

CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.03376EPSS
Exploits0References5
Prion
Prion
added 2022/01/10 2:12 p.m.26 views

Integer overflow

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

7.5CVSS9.4AI score0.03376EPSS
Exploits0References6Affected Software4
OSV
OSV
added 2022/01/10 2:12 p.m.3 views

UBUNTU-CVE-2022-22822

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.04829EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.3 views

Expat和libexpat 输入验证错误漏洞

Expat is a fast streaming XML parser written in C. libexpat is a streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in storeAtts in xmlparse.c when processing untrusted input. A remote attacker could...

8.8CVSS9.3AI score0.02778EPSS
Exploits0References43
Cvelist
Cvelist
added 2022/01/08 2:56 a.m.20 views

CVE-2022-22825

lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.5AI score0.02614EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/01/08 12:0 a.m.4 views

PT-2022-1586 · Expat +12 · Expat +12

Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the lookup function of the xmlparse.c file in the Expat library. This can potentially allow a remote attacker to cause a denial of service...

10CVSS7.6AI score0.33936EPSS
Exploits10References255
UbuntuCve
UbuntuCve
added 2022/01/06 4:15 a.m.38 views

CVE-2021-46143

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize...

8.1CVSS6.9AI score0.03759EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/01/06 12:0 a.m.6 views

PT-2022-1754

Name of the Vulnerable Software and Affected Versions Expat versions prior to 2.4.3 Description The issue is related to an integer overflow in the doProlog function of the xmlparse.c file in the Expat library. This could allow a remote attacker to impact the confidentiality, integrity, and...

9.8CVSS8.9AI score0.33936EPSS
Exploits12References284
OSV
OSV
added 2022/01/01 7:15 p.m.3 views

DEBIAN-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

8.8CVSS7.3AI score0.042EPSS
Exploits1References1
OSV
OSV
added 2022/01/01 7:15 p.m.8 views

AZL-7124 CVE-2021-45960 affecting package expat for versions less than 2.4.3-1

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

8.8CVSS6.9AI score0.042EPSS
Exploits1References1
OSV
OSV
added 2022/01/01 7:15 p.m.3 views

ALPINE-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

8.8CVSS6.9AI score0.042EPSS
Exploits1References1
OSV
OSV
added 2022/01/01 7:15 p.m.2 views

UBUNTU-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

8.8CVSS6.9AI score0.042EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/01/01 6:47 p.m.26 views

CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

9.4AI score0.042EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2017/10/26 12:0 a.m.51 views

Mura CMS Server-Side Request Forgery / XXE Injection

Exploit Title: Mura CMS before 6.2 SSRF + XXE Date: 30-10-2017 Exploit Author: Anthony Cole Vendor Homepage: http://www.getmura.com/ Version: before 6.2 Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Tested on: Windows 2008 w/ Coldfusion 8 CVE: CVE-2017-15639 Category:...

6.6AI score0.06784EPSS
Exploits5
0day.today
0day.today
added 2017/10/25 12:0 a.m.48 views

Mura CMS < 6.2 - Server-Side Request Forgery / XML External Entity Injection Vulnerabilities

Exploit for unknown platform in category web applications Exploit Title: Mura CMS before 6.2 SSRF + XXE Date: 30-10-2017 Exploit Author: Anthony Cole Vendor Homepage: http://www.getmura.com/ Version: before 6.2 Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Tested on:...

4CVSS6.6AI score0.06784EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/10/24 12:0 a.m.48 views

Mura CMS &lt; 6.2 - Server-Side Request Forgery / XML External Entity Injection

Exploit Title: Mura CMS before 6.2 SSRF + XXE Date: 30-10-2017 Exploit Author: Anthony Cole Vendor Homepage: http://www.getmura.com/ Version: before 6.2 Contact: http://twitter.com/acole76 Website: http://twitter.com/acole76 Tested on: Windows 2008 w/ Coldfusion 8 CVE: CVE-2017-15639 Category:...

6.5CVSS6.5AI score0.06784EPSS
Exploits5
NVD
NVD
added 2013/10/19 10:36 a.m.34 views

CVE-2013-6025

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise ASE 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity XX...

4CVSS6.6AI score0.08201EPSS
Exploits2References6
Rows per page
Query Builder