CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21499 NULL Pointer Dereference in iccDEV XML Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21499

CVE-2026-21499 affects iccDEV prior to 2.3.1.2, due to a NULL pointer dereference in the XML parser. The issue is documented as a vulnerability in iccDEV’s XML parsing path, with patch released in version 2.3.1.2. Impact is described as availability loss (A) with no confidentiality/integrity impa...

CVE-2026-21499 NULL Pointer Dereference in iccDEV XML Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML parser. This issue has been patched in version 2.3.1.2...

PT-2026-2065

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions prior to 2.3.1.2 are susceptible to a NULL pointer dereference issue...

PT-2026-34084

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u481, 11.0.30, 17.0.18, 21.0.10, 25.0.2 and 26 Oracle GraalVM for JDK versions 17.0.18 and 21.0.10 Oracle GraalVM Enterprise Edition version 21.3.17 Description An issue in the JAXP component allows an unauthenticated...

SUSE SLES15 / openSUSE 15 Security Update : mozjs52 (SUSE-SU-2025:4512-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4512-1 advisory. - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 -...

Security update for mozjs52

This update for mozjs52 fixes the following issues: CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart bsc1230038 CVE-2024-45490: Fixed negative len for...

EUVD-2025-204621

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service DoS...

CVE-2025-8065

A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. An unauthenticated attacker on the same local network segment can send specially crafted SOAP XML requests, causing memory overflow and device crash, resulting in denial-of-service DoS...

CVE-2025-8065

A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP reque...

CVE-2025-8065

A stack-based buffer overflow vulnerability was identified in the ONVIF SOAP XML Parser in Tapo C200 v3 and C520WS v2.6. When processing XML tags with namespace prefixes, the parser fails to validate the prefix length before copying it to a fixed-size stack buffer. It allowed a crafted SOAP reque...

TP-Link Tapo C200 安全漏洞

TP-Link Tapo C200 is a smart WiFi camera from China P&L TP-Link. A security vulnerability exists in TP-Link Tapo C200 V3, which originates from a buffer overflow in the ONVIF XML parser, which could lead to a denial of service attack...

EUVD-2025-204495

Malicious code in viktor-xml-parser npm...

Malicious code in viktor-xml-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f588bf6164c41e993943c30ac7d1a25c88c3de79469bb1a5d1a8a43448f22c31 The package viktor-xml-parser was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview viktor-xml-parser is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-192646 Malicious code in viktor-xml-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f588bf6164c41e993943c30ac7d1a25c88c3de79469bb1a5d1a8a43448f22c31 The package viktor-xml-parser was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview fruit-malicious-xml-parser is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

EUVD-2025-202951

Malicious code in bfruitmaliciousxmlparser npm...

Malicious code in fruit-malicious-xml-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c330d59c7529d320701e6ccf11a655110e1aeb7c9ad5d15c34ba10941c6343a6 The package fruit-malicious-xml-parser was found to contain malicious code. Source: ghsa-malware...