CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в expat, libxmltok

A issue was discovered in libexpat before version 2.6.3. In xmlparse.c, a negative length value for XMLParseBuffer is allowed without being rejected...

9.8CVSS6.9AI score0.00613EPSS

Exploits0References2

Tenable Nessus•added 2026/01/17 12:0 a.m.•3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004806 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. Tenable has extracted the preceding description...

9.8CVSS6.8AI score0.00613EPSS

Exploits0References4

OSV•added 2025/12/23 12:23 p.m.•1 views

SUSE-SU-2025:4512-1 Security update for mozjs52

This update for mozjs52 fixes the following issues: - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 - CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart bsc1230038 - CVE-2024-45490: Fixed negative len for...

9.8CVSS7AI score0.02269EPSS

Exploits0References9

RedHat Linux•added 2025/04/02 5:6 p.m.•1 views

libexpat: Negative Length Parsing Vulnerability in libexpat

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...

9.8CVSS7.3AI score0.00613EPSS

Exploits0References7

IBM Security Bulletins•added 2024/10/29 1:46 p.m.•20 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to OpenSSL and libexpat

Summary OpenSSL and Libexpat used by IBM MQ Operator and Queue Manager container images are vulnerable to denial of service due to improper memory allocation, and providing weaker than expected security which might allow an attacker to execute arbitrary code on the system. This bulletin identifie...

9.8CVSS8.3AI score0.14258EPSS

Exploits0Affected Software1

SUSE CVE•added 2024/08/30 10:4 a.m.•1 views

SUSE CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

6.2CVSS8.1AI score0.00613EPSS

Exploits0References19

OSV•added 2024/08/30 3:15 a.m.•2 views

AZL-48369 CVE-2024-45490 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

7.5CVSS6.9AI score0.00613EPSS

Exploits0References1

OSV•added 2024/08/30 3:15 a.m.•1 views

ALPINE-CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

7.5CVSS8.5AI score0.00613EPSS

Exploits0References1

OSV•added 2024/08/30 3:15 a.m.•1 views

AZL-48372 CVE-2024-45490 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

7.5CVSS6.9AI score0.00613EPSS

Exploits0References1

OSV•added 2021/01/13 12:1 a.m.•9 views

OSV-2018-222 Heap-buffer-overflow in resip::ParseBuffer::qVal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6713 Crash type: Heap-buffer-overflow READ 1 Crash state: resip::ParseBuffer::qVal resip::QValueParameter::QValueParameter resip::QValueParameter::decode...

7.2AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by