Lucene search
K

57 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Improper Restriction of XML External Entity Reference (CVE-2018-20843)

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. This plugin only works with Tenable.ot. Please visit...

7.8CVSS6.6AI score0.07107EPSS
Exploits1References4
Broadcom
Broadcom
added 2024/07/30 12:0 a.m.10 views

Multiple Vulnerabilities within libexpat (CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22825, CVE-2022-23990)

Summary CVE-2018-20843 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. Base CVSS score: 7.5...

8.8CVSS7.3AI score0.07107EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.13 views

RHEL 6 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...

9.6AI score0.19069EPSS
Exploits7References19
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.24 views

Rocky Linux 8 : expat (RLSA-2020:4484)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4484 advisory. - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount...

7.8CVSS7.7AI score0.07107EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.35 views

F5 Networks BIG-IP : Expat XML parser vulnerability (K51011533)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 13.1.5 / 14.1.4.2 / 14.1.4.5 / 15.1.3 / 15.1.4 / 16.0.1.2 / 16.1.0 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K51011533 advisory. - In libexpat in Expat before 2.2.7, X...

7.8CVSS6.5AI score0.07107EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.30 views

Ubuntu 16.04 ESM : VTK vulnerabilities (USN-4852-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4852-1 advisory. It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a deni...

7.8CVSS7.3AI score0.07107EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.39 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : xmltok library vulnerabilities (USN-5455-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5455-1 advisory. Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled...

9.8CVSS8.2AI score0.34174EPSS
Exploits6References16
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.65 views

K51011533: Expat XML parser vulnerability CVE-2018-20843

Security Advisory Description In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. CVE-2018-20843 Impact...

7.8CVSS6.8AI score0.07107EPSS
Exploits1Affected Software15
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-5455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.34174EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4040-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.07107EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2022/07/19 5:11 p.m.58 views

USN-5455-1: xmltok library vulnerabilities

Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled certain files. An attacker could possibly use these issues to cause a denial of service, or possibly execute arbitrary code. These issues were only addressed in Ubuntu 16.04 ESM...

9.8CVSS8.1AI score0.34174EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.50 views

AlmaLinux 8 : mingw-expat (ALSA-2020:4846)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4846 advisory. - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and...

7.8CVSS6.5AI score0.07107EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.55 views

AlmaLinux 8 : expat (ALSA-2020:4484)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4484 advisory. - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount o...

7.8CVSS7.6AI score0.07107EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2019-0274)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.07107EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/10/22 12:0 a.m.98 views

Oracle HTTP Server (Oct 2021 CPU)

The 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the Oracle WebLogic Server Proxy Plug-In product of Oracle Fusion Middleware component: SSL...

7.8CVSS6.9AI score0.07107EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2021/06/15 12:0 a.m.138 views

Tenable Nessus 8.x.x < 8.15.0 Multiple Vulnerabilities (TNS-2021-11)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 8.15.0. It is, therefore, affected by multiple vulnerabilities: - Multiple local privilege escalation vulnerabilities. A local attacker can exploit these to gain administrator privileges ...

7.8CVSS7.6AI score0.07107EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:1835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.07107EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2019:1834-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.6AI score0.07107EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.45 views

NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2021-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has expat packages installed that are affected by multiple vulnerabilities: - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and...

7.8CVSS7.6AI score0.07107EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/03 4:2 p.m.47 views

Security Bulletin: IBM MQ Appliance is affected by libexpat vulnerabilities (CVE-2018-20843, CVE-2019-15903)

Summary IBM MQ Appliance has resolved libexpat vulnerabilities. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit th...

7.8CVSS1.8AI score0.07107EPSS
Exploits2Affected Software1
Rows per page
Query Builder