15 matches found
CVE-2026-8177 XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences
XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi-byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory...
CVE-2026-24856 iccDEV has UB runtime error in <icTagTypeSignature>
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...
EUVD-2019-11352
Malware in sbrugna...
EUVD-2019-10753
Malware in sbrugna...
EUVD-2022-1938
Malicious code in bioql PyPI...
CVE-2020-0765
An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'...
CVE-2022-40303
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault...
ezXML out-of-bounds write vulnerability (CNVD-2021-30593)
ezXML is a C library for parsing XML documents. An out-of-bounds write vulnerability exists in libezxml.a in ezXML version 0.8.6. The vulnerability stems from a memory handling error performed by the ezxml_parse_str function when parsing a specially crafted XML file. An attacker could exploit the...
DEBIAN-CVE-2019-9628
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected...
Memory corruption vulnerability in Wecon PLC editor
Fuzhou Fuchang Wei-Control Electronic Technology Co., Ltd. is a technology company engaged in the research, development and sales of products in the field of automation. A memory corruption vulnerability exists in Wecon PLC editor. The vulnerability is caused due to the program parsing the projec...
PHP has an unspecified vulnerability (CNVD-2016-02885)
PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability in PHP's handling of XML files allows remote attackers to exploit the vulnerability to trigger an xml_parse_into_struct segment error...
Error: "App Not Available" when launching iOS XenMobile Apps
When attempting to launch an MDX wrapped application, you will receive the error "App Not Available". This error is due to an invalid iOS Public App Store application description. The description that is pre-populated from Public App Store includes a datalink escape character that is not supporte...
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by...
CVE-2010-1403
CVE-2010-1403 affects WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5–10.6 and Windows, and prior to 4.1 on Mac OS X 10.4. It arises from uninitialized memory access during processing of a use element in an SVG document (related to ProcessInstruction), allowing remote attackers to execute ar...
CVE-2010-1403
Removed by vendor...