Lucene search
K

147 matches found

CVE
CVE
added 2024/08/30 12:0 a.m.208 views

CVE-2024-45492

CVE-2024-45492 affects libexpat. Affected: expat library versions older than 2.6.3; vulnerability arises from an integer overflow in nextScaffoldPart() in xmlparse.c on 32-bit platforms, potentially enabling arbitrary code execution. Public advisories (CBL-Mariner, Debian DLA-3893-1, ALSA advisor...

9.8CVSS7.3AI score0.01393EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/08/30 12:0 a.m.24 views

CVE-2024-45491

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

0.0113EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/30 12:0 a.m.26 views

CVE-2024-45491

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

7.2AI score0.0113EPSS
Exploits0References2
CVE
CVE
added 2024/08/30 12:0 a.m.231 views

CVE-2024-45491

CVE-2024-45491 affects libexpat prior to 2.6.3. Root cause: integer overflow in nDefaultAtts within xmlparse.c on 32-bit platforms, potentially enabling memory corruption or code execution. Public details confirm exposure is tied to libexpat, with Debian/ALMA advisories indicating DoS/code exec r...

9.8CVSS7.3AI score0.0113EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2024/08/30 12:0 a.m.64 views

CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

9.8CVSS7.4AI score0.01393EPSS
Exploits0
OSV
OSV
added 2024/07/05 11:8 a.m.5 views

OESA-2024-1815 mozjs78 security update

Security Fixes: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory.CVE-2021-45960 xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain...

9.8CVSS8.8AI score0.04915EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.31 views

NewStart CGSL MAIN 5.04 : expat Vulnerability (NS-SA-2023-0070)

The remote NewStart CGSL host, running version MAIN 5.04, has expat packages installed that are affected by a vulnerability: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has instead relied...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.4 views

The vulnerability in the doContent function of the xmlparse.c file in the XML syntax analyzer library libexpat allows a attacker to execute arbitrary code.

The vulnerability of the doContent function in the xmlparse.c file of the XML syntax analyzer library libexpat is related to the possibility of being exploited after being released. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS7.1AI score0.01659EPSS
Exploits0References24Affected Software30
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-1501)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.01659EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.3 views

SUSE CVE-2012-1148

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service memory consumption via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities...

5CVSS8.5AI score0.03565EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

7.5CVSS7.9AI score0.03376EPSS
Exploits0References52
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-22823

buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

7.5CVSS7.9AI score0.03376EPSS
Exploits0References52
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References62
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.36 views

EulerOS Virtualization 2.10.1 : expat (EulerOS-SA-2023-1145)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Tenable Network Securi...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.13 views

EulerOS Virtualization 2.10.0 : expat (EulerOS-SA-2023-1166)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Tenable Network Securi...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/12/22 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2819)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.01659EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.26 views

EulerOS 2.0 SP10 : expat (EulerOS-SA-2022-2819)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Tenable Network Security has extracte...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/11/14 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2727)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.01659EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.91 views

Amazon Linux 2 : expat (ALAS-2022-1877)

The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1877 advisory. A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while...

8.1CVSS8AI score0.01659EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/10/26 8:5 p.m.1 views

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03376EPSS
Exploits0References5
Rows per page
Query Builder