Lucene search
+L

18 matches found

OSV
OSV
added 2 days ago6 views

UBUNTU-CVE-2026-57075

YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...

9.1CVSS5.3AI score0.00394EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60593

Name of the Vulnerable Software and Affected Versions YAML::Syck versions prior to 1.47 Description An out-of-bounds read exists in the base64 decoder of the bundled libsyck. The issue occurs in the syck base64dec function, where the 256-entry static table b64 xtable is indexed using a signed cha...

9.1CVSS5.2AI score0.00394EPSS
Exploits0References15
OSV
OSV
added 2026/05/08 5:46 a.m.7 views

BIT-JRE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.8CVSS7.4AI score0.00374EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-0168

Malware in sbrugna...

4.6CVSS6.4AI score0.00406EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-14660

Malicious code in bioql PyPI...

7.8CVSS4.8AI score0.00178EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/06/01 12:0 a.m.6 views

FreeBSD : libxml2 -- Stack-based Buffer Overflow (fdd02be0-3e50-11f0-95d4-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fdd02be0-3e50-11f0-95d4-00a098b42aeb advisory. [email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflo...

7.8CVSS6.7AI score0.00374EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 7:56 a.m.28 views

libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...

7.8CVSS7.5AI score0.00374EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.56 views

CVE-2025-43929

openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document e.g., a document opened in KDE ghostwriter...

4.1CVSS0.00178EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2025/04/20 12:0 a.m.19 views

CVE-2025-43929

openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document e.g., a document opened in KDE ghostwriter...

7.8CVSS4.9AI score0.00178EPSS
Exploits1
OSV
OSV
added 2025/04/20 12:0 a.m.29 views

CVE-2025-43929

openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document e.g., a document opened in KDE ghostwriter...

4.1CVSS6.8AI score0.00178EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/04/02 5:6 p.m.4 views

libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...

7.8CVSS7.5AI score0.00374EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.16 views

CentOS 9 : libxml2-2.9.13-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libxml2-2.9.13-9.el9 build changelog. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD...

7.8CVSS6.8AI score0.00374EPSS
Exploits0References2
NVD
NVD
added 2025/02/18 11:15 p.m.20 views

CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.8CVSS0.00374EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.19 views

CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.8CVSS0.00374EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/18 12:0 a.m.13 views

CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.8CVSS7.8AI score0.00374EPSS
Exploits0References2
CVE
CVE
added 2025/02/18 12:0 a.m.292 views

CVE-2025-24928

CVE-2025-24928 affects libxml2 (versions before 2.12.10 and 2.13.x before 2.13.6) with a stack-based buffer overflow in xmlSnprintfElements (valid.c) that requires DTD validation for exploitation. Remediation per connected docs: upgrade libxml2 to 2.12.10+ or 2.13.6+ (e.g., via libxml2 update) an...

7.8CVSS7.5AI score0.00374EPSS
Exploits0References4Affected Software5
FreeBSD
FreeBSD
added 2025/02/18 12:0 a.m.10 views

libxml2 -- Stack-based Buffer Overflow

[email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/05/14 8:15 p.m.182 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest...

5.9CVSS6.6AI score0.03503EPSS
In wildExploits0References12
Rows per page
Query Builder