Lucene search
K

53533 matches found

OSV
OSV
added 2026/06/05 6:0 a.m.11 views

RLSA-2026:22721 Important: expat security update

Expat is a C library for parsing XML documents. Security Fixes: libexpat: denial of service via crafted XML input CVE-2026-45186 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the...

7.5CVSS5.5AI score0.00428EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/06/05 6:0 a.m.12 views

expat security update

An update is available for expat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. Security Fixes: libexpat: denia...

7.5CVSS5.8AI score0.00428EPSS
Exploits1
OSV
OSV
added 2026/06/05 5:38 a.m.7 views

BIT-ACTIVEMQ-2026-42588 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...

8.1CVSS6.2AI score0.00546EPSS
Exploits2References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.8 views

EUVD-2026-34657

Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. Chromium security severity: Medium...

5.8AI score0.00228EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.8 views

EUVD-2026-34611

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34630

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

6AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34484

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

5.8AI score0.00079EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34469

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

5.8AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML...

8.1CVSS5.6AI score0.00211EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

MiracleLinux 8 : expat-2.5.0-2.el8_10 (AXSA:2026-758:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-758:06 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the MiracleLinux security...

7.5CVSS5.5AI score0.00428EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a...

6.5CVSS5.4AI score0.00228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file...

6.5CVSS5.4AI score0.00221EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.5 views

RockyLinux 10 : expat (RLSA-2026:22715)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22715 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the RockyLinux security...

7.5CVSS5.6AI score0.00428EPSS
Exploits1References3
NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11196

Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. Chromium security severity: Medium...

6.5CVSS0.00228EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-11196

Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

8.1CVSS0.00211EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

8.1CVSS5.6AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11150

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS0.00159EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.5 views

CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

7.3CVSS0.00079EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.6 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

6.5CVSS0.00221EPSS
Exploits0References2
Rows per page
Query Builder