
14 matches found

Tenable Nessus
added 2026/05/09 12:0 a.m. | 7 views

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017374)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017374 advisory. Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. Tenable has extracted the preceding...

CVSS 9.8 | AI score 7.3 | EPSS 0.01618
Exploits: 0 | References: 4
Tenable Nessus
added 2025/11/13 12:0 a.m. | 3 views

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-23852)

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 9.8 | AI score 6.8 | EPSS 0.01618
Exploits: 0 | References: 5
OSV
added 2023/10/30 1:3 p.m. | 12 views

OSV-2023-1088 Heap-buffer-overflow in arrow::Status arrow::Result<std::__1::unique_ptr<arrow::Buffer, std::__1::defaul

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63679
Crash type: Heap-buffer-overflow WRITE 8
Crash state: arrow::Status arrow::Result<std::__1::unique_ptr<arrow::Buffer, std::__1::defaul; arrow::ipc::ArrayLoader::GetBuffer; arrow::ipc::ArrayLoader::Visit...

AI score 7.2
Exploits: 0 | References: 1
Positive Technologies
added 2023/10/30 12:0 a.m. | 1 views

PT-2023-35552 · Apache · Arrow::Ipc::Arrayloader

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow error, which occurs when writing 8 bytes. The error is observed in the arrow::ipc::ArrayLoader component,...

AI score 6.9
Exploits: 0 | References: 2
OSV
added 2022/01/24 2:15 a.m. | 1 views

DEBIAN-CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 | AI score 7.4 | EPSS 0.01618
Exploits: 0 | References: 1
OSV
added 2022/01/24 2:15 a.m. | 1 views

AZL-7835 CVE-2022-23852 affecting package expat for versions less than 2.4.8-1

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 | AI score 6.9 | EPSS 0.01618
Exploits: 0 | References: 1
OSV
added 2022/01/24 2:15 a.m. | 1 views

ALPINE-CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 | AI score 7.2 | EPSS 0.01618
Exploits: 0 | References: 1
OSV
added 2022/01/24 2:15 a.m. | 2 views

UBUNTU-CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 | AI score 6.9 | EPSS 0.01618
Exploits: 0 | References: 4
CNNVD
added 2022/01/23 12:0 a.m. | 1 views

libexpat Input Validation Error Vulnerability

libexpat is a streaming XML parser written in the C language. An input validation error vulnerability exists in libexpat that stems from the product's XML_GetBuffer not effectively limiting the range of signed integers. An attacker could cause a buffer overflow by configuring a special XML byte. T...

CVSS 9.8 | AI score 7.8 | EPSS 0.01618
Exploits: 0 | References: 58
Cvelist
added 2021/06/08 1:15 p.m. | 20 views

CVE-2021-22550 Enclave memory overwrite/overread vulnerability in Asylo UntrustedCacheMalloc::GetBuffer

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c...

CVSS 6.5 | AI score 7.8 | EPSS 0.00018
Exploits: 0 | References: 1
RedHat Linux
added 2015/07/27 9:8 a.m. | 2 views

chromium-browser: Heap-buffer-overflow in expat.

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related...

CVSS 7.5 | AI score 7.1 | EPSS 0.05614
Exploits: 0 | References: 5
OSV
added 2015/07/25 12:0 a.m. | 33 views

DLA-281-1 expat - security update

Bulletin has no description...

CVSS 6.8 | AI score 9.1 | EPSS 0.00521
Exploits: 0
CNVD
added 2015/07/24 12:0 a.m. | 3 views

Google Chrome Expat Integer Overflow Vulnerability

Google Chrome is a web browser developed by Google (U.S.). Expat is a C-based, stream-oriented XML parser library developed by U.S. software developer Jim Clark. An integer overflow vulnerability exists in the 'XML_GetBuffer' function in Expat 2.1.0 and earlier...

CVSS 6.8 | AI score 7.3 | EPSS 0.00521
Exploits: 0 | References: 1
RedHat Linux
added 2015/05/18 9:3 a.m. | 3 views

expat: Integer overflow leading to buffer overflow in XML_GetBuffer()

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283...

CVSS 7.5 | AI score 7.4 | EPSS 0.05614
Exploits: 0 | References: 5