CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/20 12:4 p.m.•2 views

BIT-PYTHON-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

7.5CVSS5.8AI score0.00049EPSS

Exploits0References10

OSV•added 2026/05/20 12:4 p.m.•0 views

BIT-PYTHON-MIN-2026-4224 Stack overflow parsing XML with deeply nested DTD content models

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs...

7.5CVSS5.8AI score0.00049EPSS

Exploits0References10

RedHat Linux•added 2026/05/20 10:8 a.m.•8 views

Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.6AI score0.0005EPSS

Exploits0References3

RedHat Linux•added 2026/05/20 10:8 a.m.•10 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

9.8CVSS6.2AI score0.0005EPSS

Exploits0References5

RedHat Linux•added 2026/05/20 9:57 a.m.•10 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

9.8CVSS6.2AI score0.0005EPSS

Exploits0References5

RedHat Linux•added 2026/05/20 9:57 a.m.•8 views

Moderate: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.8AI score0.0005EPSS

RedHat Linux•added 2026/05/20 9:46 a.m.•9 views

glib: GLib: Buffer underflow in GVariant parser leads to heap corruption

9.8CVSS6.2AI score0.0005EPSS

Exploits0References5

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL Magick Scripting Language parser when processing tags before images are loaded. This can lead to DoS attacks due to...

7.5CVSS5.8AI score0.00024EPSS

7.5CVSS6.8AI score0.0023EPSS

Astra Linux - уязвимость в libxml2

A issue was discovered in libxml2 before version 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several integer counters may overflow. This leads to an attempt to access an array at a negative 2GB offset, typically resulting in a segmentation fault...

Exploits2References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в raptor2

In the Raptor RDF Syntax Library version 2.0.16, there is an integer underflow issue when normalizing a URI using the turtle parser in the raptorurinormalizepath function...

9.3CVSS7.1AI score0.0004EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•9 views

Astra Linux - уязвимость в cgal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

10CVSS7.7AI score0.00529EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в cgal

10CVSS7.7AI score0.00678EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed an out-of-bounds read in the rtwgetie parser. The Information Element IE parser in rtwgetie trusted the length byte of each Information Element without verifying that the IE body len bytes after the 2-by...

5.7AI score0.00058EPSS

10CVSS7.7AI score0.0069EPSS

Astra Linux - уязвимость в cgal

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в cgal

10CVSS7.7AI score0.00567EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в firefox, thunderbird, expat

A issue was discovered in libexpat before version 2.6.4. There is a crash within the XMLResumeParser function, as XMLStopParser can stop/suspend a parser that has not been started...

5.9CVSS6.9AI score0.00127EPSS

7.1CVSS6.2AI score0.00081EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI parser refactoring of packet parsing logic wordscount represents the number of words in the total payload, while data points to the payload of various properties within it. When wordscount reaches the last word,...

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в pkgconf

In pkgconf up to 1.9.3, variable duplication can lead to unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleParse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

5.5CVSS6AI score0.00031EPSS

10CVSS7.7AI score0.00678EPSS

Astra Linux - уязвимость в cgal