CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Overview smolagents is a 🤗 smolagents: a barebones library for agents. Agents write python code to call tools or orchestrate other agents. Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' via the searchitemctrlf functio...

6.4CVSS7.2AI score0.00252EPSS

Exploits2References3

Redos•added 2025/09/22 12:0 a.m.•4 views

ROS-20250922-01

Vulnerability in Mozilla Firefox and Firefox ESR browsers, Thunderbird mail client is related to an operation exceeding the buffer boundaries when processing XPath expressions. operation exceeds buffer boundaries in memory when processing XPath expressions. Exploitation of the vulnerability could...

8.1CVSS8AI score0.00403EPSS

Exploits0

OpenVAS•added 2025/09/16 12:0 a.m.•3 views

Ubuntu: Security Advisory (USN-7743-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.5AI score0.00144EPSS

Exploits0References2

OSV•added 2025/09/12 11:46 a.m.•5 views

BIT-NIFI-2022-29265 Improper Restriction of XML External Entity References in Multiple Components

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML...

7.5CVSS7.1AI score0.02425EPSS

Exploits0References3

OSV•added 2025/09/10 7:15 p.m.•4 views

CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

5.5CVSS9.3AI score

Exploits0References2

AlpineLinux•added 2025/09/10 6:43 p.m.•2 views

CVE-2025-9714

6.2CVSS6.6AI score0.00144EPSS

Exploits0References3

Cvelist•added 2025/09/10 6:43 p.m.•10 views

CVE-2025-9714 Stack overflow in libxml2

6.2CVSS0.00144EPSS

Exploits0References1

Vulnrichment•added 2025/09/10 6:43 p.m.•2 views

CVE-2025-9714 Stack overflow in libxml2

6.2CVSS6.2AI score0.00144EPSS

Exploits0References1

OSV•added 2025/09/10 1:39 p.m.•4 views

USN-7743-1 libxml2 vulnerability

Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...

6.2CVSS6.1AI score0.00144EPSS

Exploits0References2

Tenable Nessus•added 2025/09/10 12:0 a.m.•6 views

EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-2105)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML...

9.1CVSS7.4AI score0.01437EPSS

Exploits1References5

Vulnrichment•added 2025/09/09 4:36 p.m.•3 views

CVE-2025-54251 Adobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91)

Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access...

4.3CVSS6.6AI score0.01609EPSS

Exploits0References1

Cvelist•added 2025/09/09 4:36 p.m.•6 views

CVE-2025-54251 Adobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91)

4.3CVSS0.01609EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by