39 matches found

OSV
added 2026/05/06 2:45 p.m., 2 views

BIT-JAVA-MIN-2025-32414

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

CVSS 7.5, AI score 7.1, EPSS 0.00034
Exploits 1, References 3
Fedora
added 2026/05/05 12:55 a.m., 4 views

[SECURITY] Fedora 44 Update: uriparser-1.0.1-1.fc44

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

CVSS 5.1, AI score 5.8, EPSS 0.00005
Exploits 0
OSV
added 2026/04/15 3:12 a.m., 2 views

MAL-2026-2676 Malicious code in moscova-plural-json-parser (npm)

Source: amazon-inspector 9a51fa685cb52dec458580533d514310ee1449c22a04bf82f6f1fc1e9e7b9db5 The package moscova-plural-json-parser was found to contain malicious code. Source: ghsa-malware...

AI score 5.7
Exploits 0, References 1
Tenable Nessus
added 2026/04/10 12:0 a.m., 1 views

Atlassian Jira Service Management Data Center and Server 5.17.2 < 10.3.17 / 10.4.x < 11.3.0 (JSDSERVER-16515)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16515 advisory. - Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are...

CVSS 7.5, AI score 7.3, EPSS 0.01453
Exploits 2, References 2
Snyk
added 2026/02/17 9:30 p.m., 2 views

XML Entity Expansion

Overview: org.webjars.npm:fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries. Affected versions of this package are vulnerable to XML Entity Expansion in replaceEntitiesValue when handling excessive DOCTYPE input. An attacker can cause excessive resource consumpti...

CVSS 8.7, AI score 6, EPSS 0.00032
Exploits 1, References 2
CVE
added 2025/12/15 11:32 p.m., 7 views

CVE-2025-14731

CVE-2025-14731 affects CTCMS Content Management System up to version 2.1.2. The issue resides in the Frontend/Template Management Module, specifically the library file /ctcms/apps/libraries/CT_Parser.php, where improper neutralization of special elements used in the template engine is reported. T...

CVSS 7.2, AI score 6.3, EPSS 0.00052
Exploits 1, References 6, Affected Software 1
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-19840

Malware in sbrugna...

CVSS 7, AI score 7.3, EPSS 0.00523
Exploits 0, References 4
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-50002

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.5, EPSS 0.01259
Exploits 0, References 2
NVD
added 2025/09/26 1:15 p.m., 1 views

CVE-2025-11013

A vulnerability was identified in BehaviorTree up to 4.7.0. This vulnerability affects the function XMLParser::PImpl::loadDocImpl of the file /src/xmlparsing.cpp of the component XML Parser. The manipulation leads to null pointer dereference. The attack can only be performed from a local...

CVSS 5.5, EPSS 0.0003
Exploits 1, References 6
RedhatCVE
added 2025/05/23 10:44 a.m., 4 views

CVE-2024-9546

The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.9. This is due to the plugin utilizing the PHP-Parser library, which outputs parser rebuild command execution results. This makes it possible for...

CVSS 5.3, AI score 6.9, EPSS 0.01259
Exploits 0, References 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2017-9233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML External Entity vulnerability in libexpat 2.2.0 and earlier Expat XML Parser Library allows attackers to put the parser in an infinite loop using a malforme...

CVSS 7.5, AI score 7.2, EPSS 0.00217
Exploits 1, References 4
Positive Technologies
added 2024/10/14 12:0 a.m., 3 views

PT-2024-39690 · Unknown +1 · Php-Parser +1

Name of the Vulnerable Software and Affected Versions: WPIDE – File Manager & Code Editor plugin for WordPress versions up to, and including, 3.4.9. Description: The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure. This issue arises from the plugin's...

CVSS 5.3, AI score 7.8, EPSS 0.01259
Exploits 0, References 9
Rockylinux
added 2024/09/30 2:30 p.m., 15 views

expat security update

An update is available for expat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Expat is a C library for parsing XML documents. Security Fixes: libexpat:...

CVSS 9.8, AI score 9.7, EPSS 0.02269
Exploits 0
SUSE CVE
added 2023/07/15 2:18 a.m., 3 views

SUSE CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

CVSS 7.5, AI score 7.2, EPSS 0.00134
Exploits 0, References 3
IBM Security Bulletins
added 2022/07/25 2:50 p.m., 45 views

Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase (CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25315)

Summary: libexpat is a stream-oriented XML parser library used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-23852 DESCRIPTION: Expat aka libexpat could allow a remote attacker to execute arbitrary code on the system, caus...

CVSS 9.8, AI score 9.6, EPSS 0.11027
Exploits 1, Affected Software 1
Github Security Blog
added 2022/05/25 12:0 a.m., 2 views

Duplicate Advisory: Embedded malware in ua-parser-js

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references. Original Description: A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the...

CVSS 8.8, AI score 5.3, EPSS 0.00863
Exploits 0, References 5, Affected Software 1
CNVD
added 2021/09/23 12:0 a.m., 24 views

libiff buffer overflow vulnerability

libiff is a portable and extensible parser library for EA-IFF 85 implemented in ANSI C. A global buffer overflow vulnerability exists in the IFFerrorId function in error.c in libiff 20190123 and earlier versions. An attacker could exploit this vulnerability to execute code...

CVSS 8.8, AI score 7.1, EPSS 0.00591
Exploits 1, References 1
OSV
added 2021/05/07 4:18 p.m., 1 views

GHSA-662X-FHQG-9P8V Regular Expression Denial of Service in ua-parser-js

The package ua-parser-js before 0.7.22 is vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA...

CVSS 7.5, AI score 7.2, EPSS 0.01196
Exploits 1, References 6
NVD
added 2019/06/11 9:29 p.m., 6 views

CVE-2019-12154

XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...

CVSS 9.1, AI score 8.8, EPSS 0.00512
Exploits 0, References 3
VulnCheck KEV
added 2019/06/03 12:0 a.m., 1 views

VulnCheck KEV: CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs...

CVSS 10, AI score 7.5, EPSS 0.94361
Exploits 23, References 1