libexpat: Integer Overflow or Wraparound

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

libexpat: Integer Overflow or Wraparound

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

OESA-2024-2138 xmlrpc-c security update

XML-RPC is a quick-and-easy way to make procedure calls over the Internet. It converts the procedure call into an XML document, sends it to a remote server using HTTP, and gets back the response as XML. Security Fixes: An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a...

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

...

CVE-2024-3107

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 2.12.6 via the getblockdefaultattributes function. This allows authenticated attackers, with contributor-level permissions and above, to read the contents of any files...

PT-2024-23748 · WordPress · The Spectra – Wordpress Gutenberg Blocks

Name of the Vulnerable Software and Affected Versions: The Spectra – WordPress Gutenberg Blocks plugin versions up to, and including, 2.12.6 Description: The issue allows authenticated attackers with contributor-level permissions and above to read the contents of any files named attributes.php on...

DEBIAN-CVE-2017-0366

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to evade SVG filter using default attribute values in DTD declaration...