Page 5 of 73 results (0.030 seconds)

CVSS: 6.5EPSS: 1%CPEs: 9EXPL: 2

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, un atacante puede desencadenar un agotamiento de pila en build_model por medio de una gran profundidad de anidamiento en el elemento DTD A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service. • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313 https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/558 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https • CWE-674: Uncontrolled Recursion CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. El archivo xmltok_impl.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, carece de determinada comprobación de codificación, como comprueba si un carácter UTF-8 es válido en un determinado contexto A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/562 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-116: Improper Encoding or Escaping of Output CWE-838: Inappropriate Encoding for Output Context •

CVSS: 9.8EPSS: 4%CPEs: 7EXPL: 0

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. El archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, permite a atacantes insertar caracteres separadores de espacios de nombres en URIs de espacios de nombres A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns[:prefix]" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML processor. • http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/561 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package- • CWE-179: Incorrect Behavior Order: Early Validation CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks. Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a la versión V2.0). Los productos afectados contienen una vulnerabilidad de redirección abierta. • http://packetstormsecurity.com/files/165966/SIEMENS-SINEMA-Remote-Connect-1.0-SP3-HF1-Open-Redirection.html http://seclists.org/fulldisclosure/2022/Feb/20 https://cert-portal.siemens.com/productcert/pdf/ssa-654775.pdf • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Expat (también se conoce como libexpat) versiones anteriores a 2.4.4, presenta un desbordamiento de enteros en la función doProlog A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service. • https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/551 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH https://security.gentoo.org/glsa/202209-24 https://www.debian.org/security/2022/dsa-5073 https://www.oracle.com/security-alerts/cpuapr2022.html https://www. • CWE-190: Integer Overflow or Wraparound •