58 matches found
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the copyString function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...
CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
UBUNTU-CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
CVE-2026-56408
Vulnerability: libexpat prior to 2.8.2 has an integer overflow in copyString. Root cause: integer overflow in the copyString function. Impact: confidentiality and integrity may be affected with a CVSSv3.1 base score 6.9 (Local attack, high complexity, no user interaction). Remediation: upgrade to...
EUVD-2026-38185
libexpat before 2.8.2 has an integer overflow in copyString...
PT-2026-51244
Name of the Vulnerable Software and Affected Versions: libexpat versions prior to 2.8.2. Description: An integer overflow exists in the copyString function. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented...
Astra Linux – Vulnerability in expat
In Expat also known as libexpat, before version 2.4.5, there is an integer overflow in the copyString function...
Unity Linux 20.1070e Security Update: expat (UTSA-2026-017381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017381 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. Tenable has extracted the preceding description block directly from the Unity Linux...
CVE-2026-24857
bulk_extractor is a digital forensics exploitation tool. Starting in version 1.4, bulk_extractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
CVE-2026-24857
CVE-2026-24857 affects bulk_extractor (bulk extractor). Starting in version 1.4, the embedded unrar code has a heap-buffer-overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image can trigger an out-of-bounds write in Unpack::CopyString, causing a crash under ASAN and likely me...
CVE-2026-24857 bulk_extractor has Heap-based Buffer Overflow vulnerability
bulk_extractor is a digital forensics exploitation tool. Starting in version 1.4, bulk_extractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
MiracleLinux 8 : expat-2.2.5-8.el8.2 (AXSA:2022-3677:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3677:05 advisory: expat: stack exhaustion in doctype parsing (CVE-2022-25313); expat: integer overflow in copyString (CVE-2022-25314). Tenable has extracted the preceding...
expat: Integer overflow in copyString()
An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-25314)
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
JLSEC-2025-55 In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
EUVD-2022-29997
Malicious code in bioql PyPI...