147 matches found
Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987429)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987429 advisory. addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...
EUVD-2022-43945
Malicious code in bioql PyPI...
EUVD-2022-27965
Malicious code in bioql PyPI...
EUVD-2022-27962
Malicious code in bioql PyPI...
PT-2025-26805 · Git +1 · Xmlsec
Name of the Vulnerable Software and Affected Versions: libxml2 affected versions not specified Description: The software is susceptible to a heap-buffer-overflow write issue. The crash state involves the functions xmlParsePubidLiteral, xmlParseExternalID, and xmlParseNotationDecl. Recommendations...
libexpat: Negative Length Parsing Vulnerability in libexpat
A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...
CVE-2025-1225
A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. This issue affects the function extract of the file c-main/src/main/java/com/redmoon/weixin/aes/XMLParse.java of the component WXCallBack Interface. The manipulation leads to xml external entity...
libexpat: Integer Overflow or Wraparound
An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
libexpat: Negative Length Parsing Vulnerability in libexpat
A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...
libexpat: Negative Length Parsing Vulnerability in libexpat
A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...
libexpat: integer overflow
A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...
libexpat: Integer Overflow or Wraparound
An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
CLSA-2024-1726608017 Fix CVE(s): CVE-2024-45491, CVE-2024-45492
SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c - CVE-2024-45491 SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in xmlparse.c - CVE-2024-45492...
CBL Mariner 2.0 Security Update: expat / python3 (CVE-2024-45491)
The version of expat / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45491 advisory. - An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflo...
CBL Mariner 2.0 Security Update: expat / python3 (CVE-2024-45492)
The version of expat / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45492 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an intege...
AZL-48466 CVE-2024-45492 affecting package expat for versions less than 2.6.3-1
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...
CVE-2024-45491
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
CVE-2024-45492
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...
ALPINE-CVE-2024-45492
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...
CVE-2024-45492
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...