10 matches found
SUSE CVE-2026-25210
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...
CVE-2026-25210
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...
libexpat input validation vulnerability
libexpat is a streaming XML parser written in C by the libexpat team. Versions of libexpat prior to 2.7.4 had a vulnerability related to input validation errors. This vulnerability stemmed from a lack of integer overflow checks in the doContent function, which could lead to incorrect...
CVE-2024-0820
The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
SUSE CVE-2016-6811
In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user...
PT-2021-19921 · Comodo +1 · Itop +1
Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.4 Description: The issue allows a non-admin user to access many class/field values through a GroupBy Dashlet error message. Recommendations: For versions prior to 2.7.4, update to version 2.7.4 or 3.0.0 to...
Combodo iTop Command Injection Vulnerability
Combodo iTop is an open source, ITIL-based web application developed by the French company Combodo for the daily operation of IT environments. The program provides incident management, configuration management, and problem management functionality. A command injection vulnerability exists in...
AZL-40759 CVE-2019-11358 affecting package python-pygments for versions less than 2.7.4-1
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype...
LibreSSL ROHNP Vulnerability
LibreSSL is a fork of the OpenSSL cryptographic software library developed by the OpenBSD project and an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. A security vulnerability exists in LibreSSL versions prior to 2.6.5 and 2.7.x prior to...
Piwigo 'admin.php' Cross-Site Scripting Vulnerability
Piwigo is a photo album script written in PHP. A cross-site scripting vulnerability exists in versions of Piwigo prior to 2.7.4, which allows attackers to launch cross-site scripting attacks...