Lucene search
K

86 matches found

Amazon
Amazon
added 2026/02/19 12:0 a.m.17 views

Medium: thunderbird

Issue Overview: HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construc...

7.8CVSS6AI score0.00377EPSS
Exploits6
OSV
OSV
added 2026/02/06 3:54 p.m.6 views

OESA-2026-1295 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no...

7.8CVSS5.7AI score0.00193EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/02/05 8:30 a.m.5 views

Security update for expat

This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

7.3CVSS7.1AI score0.00193EPSS
Exploits0References8
OSV
OSV
added 2026/02/04 6:9 p.m.3 views

MGASA-2026-0031 Updated expat packages fix security vulnerabilities

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. CVE-2026-24515 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS5.5AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/31 12:24 a.m.9 views

SUSE CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.5CVSS6AI score0.00193EPSS
Exploits0References11
FreeBSD
FreeBSD
added 2026/01/31 12:0 a.m.7 views

expat -- multiple vulnerabilities

expat team reports: Update contains 2 security fixes: CVE-2026-24515: NULL dereference in function XMLExternalEntityParserCreate CVE-2026-25210: missing check for integer overflow in function doContent...

7.8CVSS5.5AI score0.00193EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/30 12:46 p.m.5 views

CVE-2026-25210

A flaw was found in libexpat. A local attacker could exploit an integer overflow vulnerability in the doContent function. This flaw occurs because the buffer size is not properly determined during tag buffer reallocation, which can lead to memory corruption. Successful exploitation may result in...

7.8CVSS6AI score0.00193EPSS
Exploits0References5
Snyk
Snyk
added 2026/01/30 7:51 a.m.9 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the doContent function in xmlparse.c. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation...

7.8CVSS6AI score0.00193EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 7:16 a.m.6 views

ALPINE-CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS5.6AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2026/01/30 7:16 a.m.7 views

AZL-76340 CVE-2026-25210 affecting package expat for versions less than 2.6.4-4

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS7.6AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2026/01/30 7:16 a.m.9 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS0.00193EPSS
Exploits0References3
OSV
OSV
added 2026/01/30 7:16 a.m.3 views

UBUNTU-CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS7AI score0.00193EPSS
Exploits0References5
CVE
CVE
added 2026/01/30 6:40 a.m.45 views

CVE-2026-25210

CVE-2026-25210 affects libexpat prior to 2.7.4, where doContent may miscompute bufSize due to missing integer overflow check during tag buffer reallocation. Multiple connected sources confirm the issue and reference a fix in updated expat releases; remediation is to update to a version including ...

7.8CVSS6AI score0.00193EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/30 6:40 a.m.30 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.9CVSS0.00193EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/30 6:40 a.m.5 views

EUVD-2026-5042

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.9CVSS6AI score0.00193EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/30 6:40 a.m.6 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.9CVSS6AI score0.00193EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/01/30 6:40 a.m.5 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS7.4AI score0.00193EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

libexpat input validation vulnerability

libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.7.4 had a vulnerability related to input validation errors. This vulnerability stemmed from a lack of integer overflow checks in the doContent function, which could lead to incorrect...

7.8CVSS7AI score0.00193EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/30 12:0 a.m.3 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS7AI score0.00193EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.4 views

PT-2026-5383

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.4 Description The doContent function in libexpat does not correctly calculate the buffer size bufSize when reallocating memory for tags, due to a missing integer overflow check. This can lead to potential issues...

9.8CVSS5.6AI score0.00193EPSS
Exploits0
Rows per page
Query Builder