2081 matches found
RockyLinux 10 : expat (RLSA-2025:7512)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7512 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from...
EUVD-2025-25833
Malicious code in bioql PyPI...
EUVD-2024-54268
Malicious code in bioql PyPI...
EUVD-2025-31590
Malicious code in bioql PyPI...
EUVD-2022-48051
Malicious code in bioql PyPI...
EUVD-2024-54913
Malicious code in bioql PyPI...
EUVD-2021-28253
Malicious code in bioql PyPI...
EUVD-2025-25798
Malicious code in bioql PyPI...
EUVD-2025-24352
Malicious code in bioql PyPI...
EUVD-2025-27914
Malicious code in bioql PyPI...
EUVD-2022-55505
Malicious code in bioql PyPI...
RLSA-2025:7512 Moderate: expat security update
Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...
CVE-2025-20369
The CVE-2025-20369 affects Splunk Enterprise and Splunk Cloud Platform. A low-privilege user not in admin/power roles can perform an XML External Entity (XXE) injection via the dashboard tab label field, potentially enabling Denial of Service (DoS). Affected versions include Splunk Enterprise <...
USN-7790-1: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DP...
CVE-2022-50433 efi: ssdt: Don't free memory if ACPI table was loaded successfully
In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Don't free memory if ACPI table was loaded successfully Amadeusz reports KASAN use-after-free errors introduced by commit 3881ee0b1edc "efi: avoid efivars layer when loading SSDTs from variables". The problem appears t...
Delta Electronics EIP Builder EIP File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Electronics EIP Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
ROS-20250930-03
The polkit service vulnerability is related to a boundary validation error when processing XML policies with a nesting depth of 32 or more elements. of 32 or more elements. Exploitation of the vulnerability could allow an attacker to compromise a compromised vulnerable system...
CVE-2025-11140 Bjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity reference
A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of the argument contentString leads to xml external entity reference. The attack can be executed...
sparta
This is a network infrastructure penetration testing tool called SPARTA. It is a Python GUI application that simplifies the scanning and enumeration phase of penetration testing by providing point-and-click access to various tools and displaying all tool output in a convenient way. The tool...
Wazuh 安全漏洞
Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A security vulnerability exists in Wazuh version 3.8.0 through versions prior to 4.11.0 that stems from a heap...