147 matches found
MiracleLinux 9 : expat-2.2.10-12.el9.2 (AXSA:2022-4305:10)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4305:10 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : expat-2.2.5-4.el8.3 (AXSA:2022-3114:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3114:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...
expat: Integer overflow in storeAtts in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in doProlog in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in addBinding in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
expat: Integer overflow in defineAttribute in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in build_model in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-22824)
defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504346;...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-22827)
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504336;...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-22822)
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504286;...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-22825)
lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504022;...
Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2021-45960)
In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...
JLSEC-2025-45 build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
JLSEC-2025-63 An issue was discovered in libexpat before 2.6.3
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
JLSEC-2025-57 libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
JLSEC-2025-42 In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function ...
In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...
JLSEC-2025-49 storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
EUVD-2013-5855
Malware in sbrugna...
EUVD-2012-0744
Malware in sbrugna...
Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987431)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987431 advisory. buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...