12 matches found
SUSE-SU-2026:20627-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...
SUSE-SU-2026:20481-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...
SUSE-SU-2026:20350-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...
CLSA-2026-1770732201 Fix CVE(s): CVE-2026-24515
SECURITY UPDATE: XMLExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference. - debian/patches/CVE-2026-24515.patch: Make XMLExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515...
CLSA-2026-1770707507 Fix CVE(s): CVE-2026-24515
SECURITY UPDATE: Make XMLExternalEntityParserCreate copy unknown encoding handler user data - debian/patches/CVE-2026-24515.patch: copy unknown encoding handler user data and add tests to cover effect - CVE-2026-24515...
CLSA-2026-1770648617 expat: Fix of CVE-2026-24515
CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...
CLSA-2026-1770648267 expat: Fix of CVE-2026-24515
CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...
CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
EUVD-2025-25493
Malicious code in bioql PyPI...
CVE-2025-55371
Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method...
Linux Distros Unpatched Vulnerability : CVE-2018-6043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary...
FreeBSD-SA-19:23.midi
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:23.midi Security Advisory The FreeBSD Project Topic: kernel memory disclosure from /dev/midistat Category: core Module: sound Announced: 2019-08-20 Credits:...