News & Security
Updates from ENISA, NVD and the main European cybersecurity sources. Everything a Technical Manager needs to know.
CVE ID: CVE-2026-56412
Published: June 21, 2026, 3:58 p.m. | 13 hours, 44 minutes ago
Description: libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.
Severity: 4.9 | MEDIUM

CVE ID: CVE-2026-56411
Published: June 21, 2026, 3:56 p.m. | 13 hours, 47 minutes ago
Description: xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56410
Published: June 21, 2026, 3:55 p.m. | 13 hours, 48 minutes ago
Description: xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56409
Published: June 21, 2026, 3:52 p.m. | 13 hours, 50 minutes ago
Description: xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.
Severity: 6.5 | MEDIUM

CVE ID: CVE-2026-56408
Published: June 21, 2026, 3:51 p.m. | 11 hours, 52 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in copyString.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56407
Published: June 21, 2026, 3:49 p.m. | 9 hours, 54 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56406
Published: June 21, 2026, 3:48 p.m. | 9 hours, 55 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56405
Published: June 21, 2026, 3:47 p.m. | 9 hours, 56 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in getAttributeId.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56404
Published: June 21, 2026, 3:45 p.m. | 9 hours, 57 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in addBinding.
Severity: 6.9 | MEDIUM

CVE ID: CVE-2026-56403
Published: June 21, 2026, 3:43 p.m. | 7 hours, 59 minutes ago
Description: libexpat before 2.8.2 has an integer overflow in storeAtts.
Severity: 6.9 | MEDIUM

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or README fields, exploiting Electron's nodeIntegration setting to execute OS commands.
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edit_user permission can set is_superadmin flag or grant arbitrary rights to escalate to SuperAdmin access.