11880 matches found
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
UBUNTU-CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
CVE-2026-41080 affects libexpat prior to 2.7.6, where insufficient entropy in the hash function allows hash flooding when processing crafted XML documents. The CVE is broadly referenced across OSV, Debian, Red Hat, and Ubuntu entries, with the core impact described as a potential DoS due to resou...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CVE-2026-41080
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
CLSA-2026-1776343034 haproxy: Fix of CVE-2023-45539
CVE-2023-45539: reject '' as part of the URI to prevent ACL bypass via pathend rules...
Arbitrary File Deletion
Gin-vue-admin is vulnerable to arbitrary file deletion. The vulnerability is due to improper validation of the FileMd5 parameter, which allows an attacker to manipulate file paths and delete arbitrary files or folders on the server...
perl:5.32 security update
perl 4:5.32.1-474 - Resolves: RHEL-153834 - Fix CVE-2025-40909 - Clone dirhandles without fchdir 4:5.32.1-473 - Fix CVE-2023-47038 - Added perl-autouse and perl-ExtUtils-MM-Utils to perl run-requires 4:5.32.1-472 - Add definition of OPTIMIZE to .ph files, if optimizing is used bug2159760...
(lib)expat -- Insufficient entropy
https://github.com/libexpat/libexpat/pull/1183 reports: libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
libexpat 安全漏洞
libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.7.6 had security vulnerabilities; these vulnerabilities were due to insufficient entropy, which could allow for hash flood attacks via specially crafted XML documents...
Linux Distros Unpatched Vulnerability : CVE-2026-41080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Note that Nessus relies on the...
PT-2026-33342
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.6 Description The software uses insufficient entropy, which allows hash flooding to occur through a specially crafted XML document. Hash flooding is a technique where many different inputs are designed to produce...
EUVD-2026-22991
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...
CVE-2026-32631
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to version 20.20.2. CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. CVE-2026-21716: incomplete fix for CVE-2024-36137...
SUSE-SU-2026:1371-1 Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to version 20.20.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. - CVE-2026-21716: incomplete fix for...
Security update for nodejs20
This update for nodejs20 fixes the following issues: Update to version 20.20.2. CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism allows for performance degradation via a crafted request bsc1260494. CVE-2026-21716: incomplete fix for CVE-2024-36137...