expat vulnerabilities and exploits
6.8
CVSSv2
CVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete ...
Libexpat Project Libexpat
Canonical Ubuntu Linux 12.04
Mcafee Policy Auditor
Python Python
7.8
CVSSv2
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix ...
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Google Android 4.4.4
Google Android 5.1.1
4.3
CVSSv2
CVE-2012-6702
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent malicious users to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Google Android 4.4.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Google Android 5.1.1
7.5
CVSSv2
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
NA
CVE-2016-0719
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0718. Reason: This candidate is a reservation duplicate of CVE-2016-0718. Notes: All CVE users should reference CVE-2016-0718 instead of this candidate. All references and descriptions in this candidate have ...
6.8
CVSSv2
CVE-2013-0340
expat 2.1.0 and previous versions do not properly handle entity expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote malicious users to cause a denial of service (resource consumption), send HTTP requests to intranet server...
Libexpat Project Libexpat
Python Python
Apple Ipados
Apple Iphone Os
Apple Macos
Apple Watchos
Apple Tvos
2 Github repositories
4.3
CVSSv2
CVE-2012-1147
readfilemap.c in expat prior to 2.1.0 allows context-dependent malicious users to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
Apple Mac Os X 10.11.1
Apple Mac Os X 10.11.0
Libexpat Project Libexpat 2.0.0
Libexpat Project Libexpat 1.95.8
Libexpat Project Libexpat 1.95.7
Libexpat Project Libexpat 1.95.6
Libexpat Project Libexpat 1.95.5
Libexpat Project Libexpat 1.95.4
Libexpat Project Libexpat 1.95.2
Libexpat Project Libexpat 1.95.1
Libexpat Project Libexpat
5
CVSSv2
CVE-2012-1148
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat prior to 2.1.0 allows context-dependent malicious users to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expandi...
Libexpat Project Libexpat 2.0.0
Libexpat Project Libexpat 1.95.8
Libexpat Project Libexpat
Libexpat Project Libexpat 1.95.5
Libexpat Project Libexpat 1.95.4
Libexpat Project Libexpat 1.95.7
Libexpat Project Libexpat 1.95.6
Libexpat Project Libexpat 1.95.2
Libexpat Project Libexpat 1.95.1
Apple Mac Os X
4.3
CVSSv2
CVE-2012-0876
The XML parser (xmlparse.c) in expat prior to 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via an XML file with many identifiers wit...
Libexpat Project Libexpat
Python Python
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
5
CVSSv2
CVE-2009-3560
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent malicious users to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-re...
Libexpat Project Libexpat 2.0.1
Apache Http Server