Lucene search
K

13 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.17 views

libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.

...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.12 views

CVE-2026-56406

A flaw was found in libexpat. An integer overflow vulnerability exists in the XMLParseBuffer function due to a missing check. This flaw could allow an attacker to cause memory corruption, potentially leading to arbitrary code execution, information disclosure, or a denial of service. Mitigation...

6.9CVSS5.9AI score0.00102EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/21 3:48 p.m.34 views

CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS0.00102EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/21 3:48 p.m.7 views

CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...

6.9CVSS5.8AI score0.00102EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/12/23 12:24 p.m.4 views

Security update for mozjs52

This update for mozjs52 fixes the following issues: CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart bsc1230038 CVE-2024-45490: Fixed negative len for...

8.2CVSS7.4AI score0.01686EPSS
Exploits0References16
OSV
OSV
added 2025/02/03 8:54 a.m.6 views

SUSE-SU-2025:20045-1 Security update for expat

This update for expat fixes the following issues: - CVE-2024-45492: detect integer overflow in function nextScaffoldPart bsc1229932 - CVE-2024-45491: detect integer overflow in dtdCopy bsc1229931 - CVE-2024-45490: reject negative len for XMLParseBuffer bsc1229930 - CVE-2024-28757: XML Entity...

9.8CVSS6.9AI score0.02006EPSS
Exploits1References9
SUSE Linux
SUSE Linux
added 2025/02/03 8:54 a.m.5 views

Security update for expat

This update for expat fixes the following issues: CVE-2024-45492: detect integer overflow in function nextScaffoldPart bsc1229932 CVE-2024-45491: detect integer overflow in dtdCopy bsc1229931 CVE-2024-45490: reject negative len for XMLParseBuffer bsc1229930 CVE-2024-28757: XML Entity Expansion...

7.5CVSS7.6AI score0.02006EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.27 views

EulerOS 2.0 SP9 : xmlrpc-c (EulerOS-SA-2025-1067)

According to the versions of the xmlrpc-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer.CVE-2024-45490 An issue was...

9.8CVSS7.1AI score0.01686EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2024/10/07 12:16 p.m.4 views

Security update for mozjs115

This update for mozjs115 fixes the following issues: CVE-2024-45490: Fixed negative len for XMLParseBuffer in embedded expat bnc1230036 CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat bnc1230037 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in embedded...

6.9CVSS8AI score0.01686EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2024/09/18 12:1 p.m.4 views

libexpat: Negative Length Parsing Vulnerability in libexpat

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...

9.8CVSS7.3AI score0.01686EPSS
Exploits0References7
OSV
OSV
added 2024/09/17 9:29 p.m.9 views

CLSA-2024-1726608591 expat: Fix of 3 CVEs

CVE-2024-45490: Reject negative length for XMLParseBuffer in xmlparse.c - CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms...

9.8CVSS7.2AI score0.01686EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/09/13 7:0 a.m.5 views

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

...

9.8CVSS6.8AI score0.01686EPSS
Exploits0
OSV
OSV
added 2024/09/12 5:46 p.m.9 views

CLSA-2024-1726163202 expat: Fix of 3 CVEs

The release version was raised because it corresponds to version 13 - CVE-2024-45490: reject negative len for XMLParseBuffer to prevent improper restriction of XML External Entity Reference - CVE-2024-45491: prevent integer overflow in dtdCopy - CVE-2024-45492: prevent integer overflow in...

9.8CVSS7.2AI score0.01686EPSS
Exploits0References1
Rows per page
Query Builder