54205 matches found
CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
EUVD-2026-38182
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56405
The connected sources specify a vulnerability in libexpat up to version 2.8.2, caused by an integer overflow in getAttributeId. The CVE entry lists this as CVE-2026-56405 with a CVSS v3.1 base score of 6.9 (Medium) and a Local attack vector, requiring high attack complexity, no privileges, and no...
EUVD-2026-38181
libexpat before 2.8.2 has an integer overflow in addBinding...
CVE-2026-56404
libexpat before 2.8.2 has an integer overflow in addBinding...
EUVD-2026-38180
libexpat before 2.8.2 has an integer overflow in storeAtts...
CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...
CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...
CVE-2026-56403
CVE-2026-56403 affects libexpat prior to 2.8.2, with an integer overflow in storeAtts. Local attack vector, high complexity, no user interaction, requires no privileges. Impact: confidentiality and integrity likely high; availability low. Base score 6.9 (CVSS 3.1). No exploitation details or reme...
Linux Distros Unpatched Vulnerability : CVE-2026-56403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 has an integer overflow in storeAtts. CVE-2026-56403 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-49346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit...
Linux Distros Unpatched Vulnerability : CVE-2026-56411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...
kernel: rxrpc: Fix RxGK token loading to check bounds
A flaw was found in the Linux kernel's rxrpc subsystem. An unprivileged local user could exploit an integer overflow vulnerability in the rxrpcpreparsexdryfsrxgk function. This flaw occurs when processing specially crafted key and ticket lengths, causing an incorrect memory allocation size...
SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2444-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2444-1 advisory. This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass...
CVE-2026-49346 libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...
CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...