CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

Tenable Nessus•added 2026/06/10 12:0 a.m.•6 views

EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2328)

According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...

5.5CVSS7.3AI score0.00209EPSS

Exploits1References4

Tenable Nessus•added 2026/05/09 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: expat (UTSA-2026-016783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016783 advisory. libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. Tenable has extracted the preceding description block directly...

5.5CVSS5.8AI score0.0014EPSS

Exploits0References4

OSV•added 2026/05/01 5:50 p.m.•6 views

JLSEC-2026-381

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

5.5CVSS5.8AI score0.0014EPSS

Exploits0References2

OSV•added 2026/04/11 2:5 p.m.•2 views

OESA-2026-1886 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...

5.5CVSS5.8AI score0.00209EPSS

Exploits1References3

OSV•added 2026/04/11 2:5 p.m.•2 views

OESA-2026-1885 expat security update

5.5CVSS5.8AI score0.00209EPSS

Exploits1References3

Tenable Nessus•added 2026/04/04 12:0 a.m.•4 views

openSUSE 16 Security Update : expat (openSUSE-SU-2026:20448-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20448-1 advisory. - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. -...

5.5CVSS6AI score0.00209EPSS

Exploits1References9

OSV•added 2026/04/02 1:8 a.m.•3 views

SUSE-SU-2026:1166-1 Security update for expat

This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing bsc1259711. - CVE-2026-3277...

5.5CVSS5.9AI score0.00209EPSS

Exploits1References7

OSV•added 2026/03/31 3:3 p.m.•3 views

SUSE-SU-2026:1159-1 Security update for expat

5.5CVSS5.9AI score0.00209EPSS

Exploits1References7

OSV•added 2026/03/30 3:1 p.m.•3 views

SUSE-SU-2026:20985-1 Security update for expat

5.5CVSS5.8AI score0.00209EPSS

Exploits1References7

OSV•added 2026/03/30 2:59 p.m.•1 views

OPENSUSE-SU-2026:20448-1 Security update for expat

5.5CVSS5.9AI score0.00209EPSS

Exploits1References6

OSV•added 2026/03/25 10:12 a.m.•5 views

CLSA-2026-1774433526 expat: Fix of CVE-2026-32776

CVE-2026-32776: fix NULL pointer dereference in storeEntityValue with empty external parameter entity content...

5.5CVSS5.8AI score0.0014EPSS

Exploits0References1

SUSE CVE•added 2026/03/17 12:24 a.m.•2 views

SUSE CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

7.5CVSS5.8AI score0.0014EPSS

Exploits0References17

EUVD•added 2026/03/16 3:30 p.m.•1 views

EUVD-2026-12347

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

4CVSS5.8AI score0.0014EPSS

Exploits0References3

OSV•added 2026/03/16 2:19 p.m.•0 views

ALPINE-CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

5.5CVSS5.8AI score0.0014EPSS

Exploits0References1

NVD•added 2026/03/16 2:19 p.m.•3 views

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

5.5CVSS0.0014EPSS

Exploits0References2

OSV•added 2026/03/16 2:19 p.m.•2 views

CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

5.5CVSS5.8AI score

Exploits0References2

OSV•added 2026/03/16 2:19 p.m.•2 views

UBUNTU-CVE-2026-32776

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content...

5.5CVSS5.8AI score0.0014EPSS

Exploits0References3

RedhatCVE•added 2026/03/16 1:54 p.m.•4 views

CVE-2026-32776

A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted XML content with empty external parameter entities. This could lead to a NULL pointer dereference, causing the application to crash and resulting in a Denial of Service DoS. Mitigation...

6.2CVSS5.7AI score0.0014EPSS

Exploits0References5

Snyk•added 2026/03/16 8:45 a.m.•1 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the external parameter entity with empty text if referenced inside an entity declaration value processing. An attacker can cause a denial of service by providing empty content to this component. Remediation...

7.5CVSS5.8AI score0.0014EPSS

Exploits0References2