CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

141 matches found

RedHat Linux•added 2022/03/14 10:16 a.m.•2 views

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.00431EPSS

Exploits0References5

RedHat Linux•added 2022/03/14 10:16 a.m.•2 views

expat: Integer overflow in defineAttribute in xmlparse.c

9.8CVSS7.5AI score0.00431EPSS

Exploits0References5

OSV•added 2022/02/15 12:0 a.m.•1 views

UBUNTU-CVE-2022-25236

xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...

9.8CVSS6.8AI score0.08156EPSS

Exploits0References14

OpenVAS•added 2022/01/26 12:0 a.m.•27 views

SUSE: Security Advisory (SUSE-SU-2022:0178-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.04193EPSS

Exploits3References11

Mageia•added 2022/01/25 12:13 p.m.•71 views

Updated expat packages fix security vulnerability

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow...

9.8CVSS2.5AI score0.04193EPSS

Exploits3References3

Microsoft CVE•added 2022/01/14 8:0 a.m.•2 views

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

8.8CVSS7.5AI score0.00206EPSS

Exploits0

Microsoft CVE•added 2022/01/14 8:0 a.m.•3 views

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

9.8CVSS7.5AI score0.00431EPSS

Exploits0

Microsoft CVE•added 2022/01/14 8:0 a.m.•4 views

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3 an integer overflow exists for m_groupSize.

...

8.1CVSS7.5AI score0.04193EPSS

Exploits1

Microsoft CVE•added 2022/01/14 8:0 a.m.•3 views

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

8.8CVSS7.5AI score0.00206EPSS

Exploits0

Microsoft CVE•added 2022/01/13 8:0 a.m.•3 views

In Expat (aka libexpat) before 2.4.3 a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g. allocating too few bytes or only freeing memory).

...

9CVSS7.5AI score0.00316EPSS

Exploits1

OSV•added 2022/01/10 2:12 p.m.•1 views

DEBIAN-CVE-2022-22827

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS7.4AI score0.00279EPSS

Exploits1References1

OSV•added 2022/01/10 2:12 p.m.•28 views

CVE-2022-22826

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

8.8CVSS3.1AI score