Lucene search
+L

21 matches found

osv
osv
added 2026/06/21 4:16 p.m.4 views

ALPINE-CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

6.9CVSS5.8AI score0.00102EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/21 12:0 a.m.14 views

PT-2026-51246

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description The xmlwf component contains an integer overflow in the resolveSystemId function. An integer overflow occurs when an arithmetic operation results in a value that exceeds the maximum size of the...

6.9CVSS5.8AI score0.0011EPSS
Exploits0References6
euvd
euvd
added 2026/04/16 6:31 p.m.5 views

EUVD-2026-23276

libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...

2.9CVSS5.8AI score0.00398EPSS
Exploits0References3
hp
hp
added 2026/02/25 12:0 a.m.16 views

Certain HP LaserJet Enterprise and HP LaserJet Managed Printers – Potential Denial of Service & Potential Buffer Overflow

Certain HP LaserJet Enterprise and HP LaserJet Managed Printers may experience a potential buffer overflow and potential denial of service when utilizing the open-source libexpat XML parsing library within their firmware stacks. Update your printer firmware...

9.8CVSS5.6AI score0.34174EPSS
Exploits1
snyk
snyk
added 2026/01/30 7:51 a.m.10 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the doContent function in xmlparse.c. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation...

7.8CVSS6AI score0.00193EPSS
Exploits0References2
osv
osv
added 2026/01/30 6:40 a.m.7 views

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.9CVSS6AI score0.00193EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54057

Malicious code in bioql PyPI...

7.5CVSS7.9AI score0.01569EPSS
Exploits0References25
openvas
openvas
added 2025/09/17 12:0 a.m.0 views

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-2156)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.01569EPSS
Exploits0References2
f5
f5
added 2025/06/16 12:58 a.m.16 views

K000151869: libexpat vulnerability CVE-2024-8176

Security Advisory Description A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stac...

7.5CVSS7.2AI score0.01569EPSS
Exploits0Affected Software2
ibm
ibm
added 2025/06/13 4:26 p.m.12 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library [CVE-2024-8176]

Summary IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library, due to the way it handles recursive entity expansion in XML documents CVE-2024-8176. The libexpat library is used as part of our speech utilities. This vulnerabilitiy has been...

7.5CVSS7.6AI score0.01569EPSS
Exploits0Affected Software1
nessus
nessus
added 2025/06/12 12:0 a.m.4 views

EulerOS 2.0 SP11 : expat (EulerOS-SA-2025-1652)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an...

7.5CVSS6.8AI score0.01569EPSS
Exploits0References2
nessus
nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0056: expat (ALINUX3-SA-2025:0056)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0056 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-8176: A stack overflow vulnerability exist...

7.5CVSS6.8AI score0.01569EPSS
Exploits0References2
nessus
nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0057: xmlrpc-c (ALINUX3-SA-2025:0057)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-8176: A stack overflow vulnerability exist...

7.5CVSS6.8AI score0.01569EPSS
Exploits0References2
cert
cert
added 2025/05/09 12:0 a.m.27 views

libexpat library is vulnerable to DoS attacks through stack overflow

Overview A stack overflow vulnerability has been discovered within the libexpat open source library. When parsing XML documents with deeply nested entity references, libexpat can recurse indefinitely. This can result in exhaustion of stack space and a crash. An attacker can weaponize this to eith...

7.5CVSS8AI score0.01569EPSS
Exploits0References17
nvd
nvd
added 2025/03/14 9:15 a.m.16 views

CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS0.01569EPSS
Exploits0References39
cve
cve
added 2025/03/14 8:19 a.m.321 views

CVE-2024-8176

CVE-2024-8176 describes a stack overflow in the libexpat XML parser caused by recursive entity expansion on deeply nested XML references. This can lead to DoS and, in some environments, memory corruption. Public details in the provided documents confirm affected component (libexpat) and the root ...

7.5CVSS7.5AI score0.01569EPSS
Exploits0References39
osv
osv
added 2025/03/14 8:19 a.m.32 views

CVE-2024-8176 Libexpat: expat: improper restriction of xml entity expansion depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS6.9AI score0.01569EPSS
Exploits0References44
debiancve
debiancve
added 2025/03/14 8:19 a.m.8 views

CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS7AI score0.01569EPSS
Exploits0
alpinelinux
alpinelinux
added 2025/03/14 8:19 a.m.98 views

CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS7.6AI score0.01569EPSS
Exploits0
redhatcve
redhatcve
added 2025/03/14 8:19 a.m.13 views

CVE-2024-8176

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

7.5CVSS7.5AI score0.01569EPSS
Exploits0References4
Rows per page
Query Builder