Page 22 of 1851 results (0.010 seconds)

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en copyString An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/560 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa/202209-24 https://security.netapp.com/advisory/ntap-20220303-0008 htt • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en storeRawNames An integer overflow was found in expat. The issue occurs in storeRawNames() by abusing the m_buffer expansion logic to allow allocations very close to INT_MAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/559 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 1%CPEs: 9EXPL: 2

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, un atacante puede desencadenar un agotamiento de pila en build_model por medio de una gran profundidad de anidamiento en el elemento DTD A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service. • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313 https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/558 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https • CWE-674: Uncontrolled Recursion CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Un fallo en netfilter podría permitir a un atacante conectado a la red inferir información del endpoint de la conexión openvpn para su posterior uso en ataques de red tradicionales • https://github.com/d0rb/CVE-2021-3773 https://bugzilla.redhat.com/show_bug.cgi?id=2004949 https://www.oracle.com/security-alerts/cpujul2022.html https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024 https://access.redhat.com/security/cve/CVE-2021-3773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. El archivo xmltok_impl.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, carece de determinada comprobación de codificación, como comprueba si un carácter UTF-8 es válido en un determinado contexto A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/562 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-116: Improper Encoding or Escaping of Output CWE-838: Inappropriate Encoding for Output Context •