Lucene search
K

86 matches found

OSV
OSV
added 2025/10/14 3:35 p.m.3 views

JLSEC-2025-57 libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

8.1CVSS9AI score0.01659EPSS
Exploits0References24
Redos
Redos
added 2025/09/08 12:0 a.m.5 views

ROS-20250908-02

A vulnerability in the doContent function of the xmlparse.c file of the XML parser library libexpat is related to a post-release exploit. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.1CVSS9.5AI score0.01659EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/05 12:0 a.m.4 views

PT-2025-2025 · Unknown · Mysiteforme

Name of the Vulnerable Software and Affected Versions: wangl1989 mysiteforme version 1.0 Description: A critical issue affects the doContent function of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the content argument leads to server-side...

8.8CVSS6.6AI score0.00535EPSS
Exploits1References12
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.5 views

The vulnerability in the doContent function of the xmlparse.c file in the XML syntax analyzer library libexpat allows a attacker to execute arbitrary code.

The vulnerability of the doContent function in the xmlparse.c file of the XML syntax analyzer library libexpat is related to the possibility of being exploited after being released. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS7.1AI score0.01659EPSS
Exploits0References24Affected Software30
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-1501)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.5AI score0.01659EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References62
RedHat Linux
RedHat Linux
added 2022/12/08 1:21 p.m.3 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/22 3:4 p.m.9 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
OSV
OSV
added 2022/10/26 11:4 a.m.1 views

OESA-2022-2019 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.CVE-2022-40674...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.30 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:6998)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:6998-1 advisory. - expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Note that Nessus has not tested for this issue but has instead relied onl...

8.1CVSS7.5AI score0.01659EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/18 6:29 p.m.2 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:25 p.m.7 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:25 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:20 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:19 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:15 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 6:15 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 1:4 p.m.5 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 1:4 p.m.7 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/18 1:1 p.m.4 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.01659EPSS
Exploits0References6
Rows per page
Query Builder