Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20081 matches found

Fedora
Fedoraadded 2026/05/21 1:28 a.m.7 views

[SECURITY] Fedora 43 Update: mingw-expat-2.8.1-1.fc43

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS5.8AI score0.00013EPSS
Exploits0
Fedora
Fedoraadded 2026/05/21 12:57 a.m.8 views

[SECURITY] Fedora 44 Update: mingw-expat-2.8.1-1.fc44

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS5.8AI score0.00013EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.6 views

PT-2026-42692

Description The obj.expr dynamic-attribute syntax added in 3.15.0 as the replacement for the deprecated attribute function lets the attribute be an arbitrary expression. When the receiver is self or any % import % alias and the parenthesised expression is a string literal, DotExpressionParser...

8.7CVSS6AI score
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.4 views

PT-2026-42697

Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parse notebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...

4.4CVSS6AI score
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.4 views

PT-2026-42595

Impact A maliciously crafted .onetoc2 table-of-contents file can cause Parser::parse notebook to open arbitrary files on the host filesystem outside the notebook's directory. The parser reads entry names listed inside the .onetoc2 and joins them against the notebook's base directory without...

4.4CVSS6AI score
Exploits0References6
OSV
OSVadded 2026/05/20 11:16 p.m.2 views

DEBIAN-CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6AI score0.00014EPSS
Exploits0References1
NVD
NVDadded 2026/05/20 11:16 p.m.7 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS0.00014EPSS
Exploits0References3
OSV
OSVadded 2026/05/20 11:16 p.m.1 views

UBUNTU-CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6AI score0.00014EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2026/05/20 11:7 p.m.3 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6.1AI score0.00014EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/20 11:7 p.m.28 views

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS0.00014EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/05/20 11:2 p.m.7 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6.1AI score0.00014EPSS
Exploits0References4
Snyk
Snykadded 2026/05/20 3:35 p.m.5 views

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the Parser::cleanup function. Symfony\Component\Yaml\Parser::cleanup strips the optional %YAML directive header, leading comments, and document start/end markers before parsing. The origina...

6.9CVSS5.8AI score
Exploits0References2
Snyk
Snykadded 2026/05/20 3:35 p.m.7 views

Missing Authentication for Critical Function

Overview symfony/twilio-notifier is a Symfony Twilio Notifier Bridge Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the doParse webhook request parser in the notifier bridge. An attacker can submit forged webhook status events because the pars...

6.9CVSS5.7AI score
Exploits0References2
Snyk
Snykadded 2026/05/20 3:35 p.m.11 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via Unbounded Recursion in Nested Blocks, Sequences, and Mappings. Symfony\Component\Yaml\Parser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to...

8.7CVSS5.8AI score
Exploits0References2
OSV
OSVadded 2026/05/20 12:4 p.m.2 views

BIT-PYTHON-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

7.5CVSS5.8AI score0.0005EPSS
Exploits0References10
OSV
OSVadded 2026/05/20 12:4 p.m.0 views

BIT-PYTHON-MIN-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

7.5CVSS5.8AI score0.0005EPSS
Exploits0References10
RedHat Linux
RedHat Linuxadded 2026/05/20 10:8 a.m.8 views

Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.6AI score0.0005EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/05/20 10:8 a.m.10 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS6.2AI score0.0005EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/20 9:57 a.m.10 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS6.2AI score0.0005EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/20 9:57 a.m.8 views

Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.8AI score0.0005EPSS
Exploits0References2
Rows per page
Query Builder