Lucene search
K

65 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-23852)

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

9.8CVSS6.8AI score0.04525EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0021: expat (ALINUX3-SA-2022:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45960: In Expat aka libexpat befo...

9.8CVSS7.4AI score0.34174EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-23852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-23852 Note that Nessu...

9.8CVSS7.4AI score0.04525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 7 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...

9.8CVSS9AI score0.19433EPSS
Exploits3References15
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.13 views

RHEL 6 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...

9.6AI score0.19069EPSS
Exploits7References19
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.40 views

CentOS 9 : expat-2.2.10-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the expat-2.2.10-9.el9 build changelog. - Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - Integer overflow in doProlog in xmlparse.c...

9.8CVSS7.6AI score0.04829EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.28 views

NewStart CGSL MAIN 6.06 : expat Multiple Vulnerabilities (NS-SA-2023-0082)

The remote NewStart CGSL host, running version MAIN 6.06, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...

9.8CVSS7.6AI score0.34174EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.32 views

Rocky Linux 8 : expat (RLSA-2022:0951)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0951 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...

9.8CVSS7.4AI score0.34174EPSS
Exploits3References25
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.52 views

Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...

9.8CVSS8AI score0.34174EPSS
Exploits3References24
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.95 views

Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-058 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...

9.8CVSS8.5AI score0.34174EPSS
Exploits4References36
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.112 views

K19473898: Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-25315

Security Advisory Description CVE-2022-23852 Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-25235 xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for...

9.8CVSS8.3AI score0.34174EPSS
Exploits1Affected Software14
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.7 views

SA45038 - CVE-2022-23852 - Expat (AKA Libexpat) Before 2.4.4 Has a Signed Integer Overflow in XML_GetBuffer, for Configurations With a Nonzero XML_CONTEXT_BYTES

A vulnerability has been reported on the 23rd of Jan 2022 under https://nvd.nist.gov/vuln/detail/CVE-2022-23852 Description: Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. Related link:...

9.8CVSS6.8AI score0.04525EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/09 12:0 a.m.45 views

Amazon Linux 2022 : expat (ALAS2022-2022-232)

The version of expat installed on the remote host is prior to 2.4.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-232 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead t...

9.8CVSS7.4AI score0.34174EPSS
Exploits3References31
OpenVAS
OpenVAS
added 2022/11/09 12:0 a.m.25 views

Tenable Nessus < 10.2.0 Multiple Vulnerabilities (TNS-2022-11)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8CVSS8.9AI score0.52063EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2022/11/07 12:0 a.m.29 views

Tenable Nessus < 8.15.3, 10.x < 10.1.1 Multiple Vulnerabilities (TNS-2022-05)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8CVSS9.2AI score0.04829EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2022/10/26 8:5 p.m.73 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

9.8CVSS7.6AI score0.82295EPSS
Exploits5References22
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2495)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.34174EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/09/29 12:0 a.m.48 views

GLSA-202209-24 : Expat: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-24 Expat: Multiple Vulnerabilities - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only...

9.8CVSS7.6AI score0.34174EPSS
Exploits3References22
Android Security Bulletins
Android Security Bulletins
added 2022/09/06 12:0 a.m.106 views

Android Security Bulletin—September 2022Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2022-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

9.8CVSS5.4AI score0.04829EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/25 2:50 p.m.48 views

Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase ( CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25315 )

Summary libexpat is a stream-oriented XML parser library used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-23852 DESCRIPTION: Expat aka libexpat could allow a remote attacker to execute arbitrary code on the system, caus...

9.8CVSS9.6AI score0.04955EPSS
Exploits1Affected Software1
Rows per page
Query Builder