CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22823 – expat: Integer overflow in build_model in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22823
08 Jan 2022 — build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función build_model en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerabilit... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22824 – expat: Integer overflow in defineAttribute in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22824
08 Jan 2022 — defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función defineAttribute en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vuln... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22825 – expat: Integer overflow in lookup in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22825
08 Jan 2022 — lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función lookup en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to av... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22826 – expat: Integer overflow in nextScaffoldPart in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22826
08 Jan 2022 — nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función nextScaffoldPart en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vu... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22827 – expat: Integer overflow in storeAtts in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22827
08 Jan 2022 — storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función storeAtts en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 2CVE-2021-46143 – expat: Integer overflow in doProlog in xmlparse.c
https://notcve.org/view.php?id=CVE-2021-46143
06 Jan 2022 — In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. En la función doProlog en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, se presenta un desbordamiento de enteros para m_groupSize. expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. ... • https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-46143 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 5CVE-2021-45960 – expat: Large number of prefixed XML attributes on a single tag can crash libexpat
https://notcve.org/view.php?id=CVE-2021-45960
01 Jan 2022 — In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). En Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, un desplazamiento a la izquierda por 29 (o más) lugares en la función storeAtts en el archivo xmlparse.c puede conllevar a un comportamiento incorrecto de reasignación (por ejemplo, asignar muy pocos bytes, o sólo liberar memoria). exp... • https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-45960 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-682: Incorrect Calculation •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20135
https://notcve.org/view.php?id=CVE-2021-20135
02 Nov 2021 — Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus). Se ha detectado que Nessus versiones 8.15.2 y anteriores, contienen una vulnerabilidad de escalada de privilegios local que p... • https://www.tenable.com/security/tns-2021-18 •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20106
https://notcve.org/view.php?id=CVE-2021-20106
21 Jul 2021 — Nessus Agent versions 8.2.5 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. Nessus Agent versiones 8.2.5 y anteriores, se ha detectado que contienen una vulnerabilidad de escalada de privilegios que podría permitir a un usuario administrador de Nessus cargar un archivo especialmente diseñado que podría conllevar a alcanzar privilegios... • https://www.tenable.com/security/tns-2021-13 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20079
https://notcve.org/view.php?id=CVE-2021-20079
29 Jun 2021 — Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaining administrator privileges on the Nessus host. Nessus versiones 8.13.2 y anteriores, se detectó que contienen una vulnerabilidad de escalada de privilegios que podría permitir a un usuario administrador de Nessus cargar un archivo especialmente diseñado que podría conllevar a alcanzar privilegios de administrad... • https://www.tenable.com/security/tns-2021-07 •