Lucene search
K

1310 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39574

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission or unauthenticated when the registry runs with default...

8.5CVSS5.8AI score0.00244EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 9:12 p.m.15 views

CVE-2026-12975

CVE-2026-12975 affects Apicurio Registry. The flaw is in ContentTypeUtil.isParsableXml(), which creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs wit...

8.5CVSS5.8AI score0.00244EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/25 9:12 p.m.6 views

CVE-2026-12975

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission or unauthenticated when the registry runs with default...

8.5CVSS5.8AI score0.00244EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.5 views

CVE-2026-6653

A flaw was found in libxml2. A remote attacker can exploit a use-after-free vulnerability in the xmlParseInternalSubset function by providing maliciously crafted XML input. This improper handling of entity resolution can lead to a denial-of-service DoS, making the affected system or application...

8.3CVSS5.7AI score0.00289EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.18 views

PT-2026-51315

Name of the Vulnerable Software and Affected Versions libxml2 versions 2.9.11 through 2.11.0 Description A Use After Free issue exists in the xmlParseInternalSubset function of libxml2. This occurs due to improper entity resolution handling, which allows a remote attacker to cause a...

8.3CVSS5.8AI score0.00289EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd performs incorrect memory handling during the parsing of crafted XML files, resulting in a one-byte constant being written beyond the bounds of the memory area...

6.5CVSS6.4AI score0.01035EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libxslt

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

7.5CVSS6.9AI score0.01817EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in tinyxml

In TinyXML version 2.6.2, there is an infinite loop in the TiXmlParsingData::Stamp method within tinyxmlparser.cpp, specifically due to the TIXMLUTFLEAD0 case. This issue can be triggered by a specially crafted XML message and leads to a denial of service...

7.5CVSS7AI score0.03055EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmldecode performs incorrect memory handling during the parsing of crafted XML files, resulting in a heap-based buffer overflow...

7.5CVSS7.6AI score0.01402EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlparsestr performs incorrect memory handling during the parsing of crafted XML files writing outside of a memory region created by mmap...

6.5CVSS6.3AI score0.01193EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in qt4-x11, qtbase-opensource-src

In Qt versions prior to 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there may be an application crash in QXmlStreamReader due to a crafted XML string, causing a situation where a prefix is greater than a certain length...

7.5CVSS7.2AI score0.01324EPSS
Exploits1References2
OSV
OSV
added 2026/06/10 8:42 a.m.9 views

SUSE-SU-2026:2334-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS5.7AI score0.00519EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/08 12:59 p.m.44 views

CVE-2026-49235 Routinator crashes on specifically crafted RRDP XML files

When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes...

8.7CVSS0.00358EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.9 views

SUSE CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00221EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.7 views

SUSE CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

7.3CVSS5.4AI score0.00079EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/06 10:1 p.m.98 views

Exploit for CVE-2019-5513

VMware Horizon /broker/xml Vulnerability Scanner !Security...

5.3CVSS5.6AI score0.01232EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.15 views

RHEL 8 : expat (RHSA-2026:22721)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22721 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

7.5CVSS5.6AI score0.00428EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.20 views

RHEL 9 : expat (RHSA-2026:23230)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23230 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

7.5CVSS5.6AI score0.00428EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

RHEL 10 : expat (RHSA-2026:22715)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22715 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details...

7.5CVSS5.6AI score0.00428EPSS
Exploits1References4
Rockylinux
Rockylinux
added 2026/06/05 12:4 p.m.13 views

expat security update

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. Security Fixes: libexpat: deni...

7.5CVSS5.5AI score0.00428EPSS
Exploits1
Rows per page
Query Builder