Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2018-14404)

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATHOPAND or XPATHOPOR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerab...

CVE-2025-62162 cel-rust May Panic During Parsing of Invalid CEL Expressions

cel-rust is a Common Expression Language interpreter written in Rust. Starting in version 0.10.0 and prior to version 0.11.4, parsing certain malformed CEL expressions can cause the parser to panic, terminating the process. When the crate is used to evaluate untrusted expressions e.g.,...

CVE-2025-62162

CVE-2025-62162 — cel-rust DoS via malformed CEL expressions . The vulnerability affects the CEL interpreter written in Rust, specifically versions 0.10.0 through before 0.11.4. Parsing certain malformed CEL expressions can cause the parser to panic and terminate the process, enabling a denial of ...

EUVD-2021-2257

Malware in sbrugna...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

SUSE CVE-2008-0171

regex/v4/perlmatchernonrecursive.hpp in the Boost regex library aka Boost.Regex in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service failed assertion and crash via an invalid regular expression...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

Improper Input Validation in Jakarta Expression Language

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

GHSA-V6W3-2PRQ-H95F Improper Input Validation in Jakarta Expression Language

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...

hibernate-validator: Improper input validation in the interpolation of constraint error messages

A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation escaping, stripping controls that developers may have put in place...

CVE-2021-28170

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...