what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

CVE-2022-25235

Status Candidate

Overview

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

Related Files

Red Hat Security Advisory 2022-7811-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7811-01 - Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315
SHA-256 | 40e1bd82a4029a9b397c129156f6c862515c76db9d799f06c1e3ed5dd189a0fb
Gentoo Linux Security Advisory 202209-24
Posted Sep 30, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314
SHA-256 | 2ce98ac3693f706e145cfd62612f4e95aba33619815a6e436ea16ca923e8b420
Red Hat Security Advisory 2022-4668-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4668-01 - Red Hat OpenShift Virtualization release 4.10.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-36221, CVE-2021-41190, CVE-2022-0778, CVE-2022-21698, CVE-2022-24407, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 57ea642d5a0a1510cce8ff99f716b47bf753e4780e02ad6c833852fa3e9a589b
Red Hat Security Advisory 2022-1747-01
Posted May 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1747-01 - OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-41771, CVE-2021-41772, CVE-2021-45960, CVE-2021-46143, CVE-2022-0778, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-25235
SHA-256 | 9f53c43845e6989b1ee838b81e5c8b82022554a46d50f3d5c6ed2d4ad233ec23
Red Hat Security Advisory 2022-1739-01
Posted May 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1739-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the containers for the release.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-44906, CVE-2022-0235, CVE-2022-0536, CVE-2022-0778, CVE-2022-24771, CVE-2022-24772, CVE-2022-24773, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | cb21e1da18630601c7d6b7eb569a0a6065c74bb6f909471f40f1d94f5c502fc3
Red Hat Security Advisory 2022-1622-01
Posted May 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1622-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.57.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-8647, CVE-2020-8649, CVE-2022-0435, CVE-2022-0711, CVE-2022-0778, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21496, CVE-2022-24407, CVE-2022-24769, CVE-2022-25173, CVE-2022-25174, CVE-2022-25175, CVE-2022-25176, CVE-2022-25177, CVE-2022-25178, CVE-2022-25179, CVE-2022-25180, CVE-2022-25181, CVE-2022-25182, CVE-2022-25183, CVE-2022-25184, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | c6bbb6c8c7f4807bed808b409a1979c9c7ff636de3be398e6d437bf3aaece474
Red Hat Security Advisory 2022-1644-01
Posted Apr 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1644-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 6411512a574d6fff515bffc7e82e7304682cd0252c57acb85779335db74418bb
Red Hat Security Advisory 2022-1643-01
Posted Apr 29, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1643-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | f8d15676020a9ab3d565cd4406a7e5da73416bf14c9546ee5307f620eab24745
Red Hat Security Advisory 2022-1540-01
Posted Apr 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1540-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 487dc3b2d93eedc2fcb87a4be267ba9c311893cb909e4c7b26d1da9002b99fca
Red Hat Security Advisory 2022-1539-01
Posted Apr 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1539-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.

tags | advisory, remote, web, code execution, protocol
systems | linux, redhat
advisories | CVE-2022-25235
SHA-256 | 277e754c3ed3d2b26c37fd443267b87858fb3e04b24fca3b9a4d3ce2a33ad8a1
Red Hat Security Advisory 2022-1309-01
Posted Apr 12, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1309-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 7463125dafb0ba97745d92ab18eecb53e936970a9015885d92d859de14a7b81e
Red Hat Security Advisory 2022-1263-01
Posted Apr 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1263-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, code execution, integer overflow, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-0920, CVE-2021-4028, CVE-2021-4083, CVE-2021-4155, CVE-2021-45417, CVE-2022-0330, CVE-2022-0778, CVE-2022-22942, CVE-2022-24407, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 8099208ae1c6aef8c286b95bb11ce25104d7ea396a4083c6ef51ad9bcd09650a
Red Hat Security Advisory 2022-1070-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1070-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 090b931cf27fcbfcf83f4bab13fae45cbc572f0e2c3375ac6b18f27c5423522e
Red Hat Security Advisory 2022-1068-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1068-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | cff735b92079459101b3f627350f2527213cc970855eddb7e97285e7db03621d
Red Hat Security Advisory 2022-1069-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1069-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 4636becc23f191c55578ec936c83d29b397e92bb34cf4b5d485c24e5fde8cec1
Red Hat Security Advisory 2022-1053-01
Posted Mar 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1053-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | f4f802993ea3100d0df09c80d0cdf767c42c981fc188c3de7910f754386e1851
Red Hat Security Advisory 2022-1039-01
Posted Mar 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1039-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-25709, CVE-2020-25710, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-45960, CVE-2021-46143, CVE-2022-1025, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-24407, CVE-2022-24730, CVE-2022-24731, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | a3aa6dabb32b90d59c78082f139db0780896fec7f29703a5c21de22ea3a9a54a
Red Hat Security Advisory 2022-1041-01
Posted Mar 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1041-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-45960, CVE-2021-46143, CVE-2022-0261, CVE-2022-0318, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-1025, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-24407, CVE-2022-24730, CVE-2022-24731, CVE-2022-25235, CVE-2022-25236
SHA-256 | 6445fba90799b01b872171494589c69dffa5557ff9ffa53f46f79a6cee9831a2
Red Hat Security Advisory 2022-1012-01
Posted Mar 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1012-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 57f82e760b9ff26a89294331c00d89dc12766f4bb95dba6543918b518a6f31d8
Red Hat Security Advisory 2022-0951-01
Posted Mar 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0951-01 - Expat is a C library for parsing XML documents. Issues addressed include code execution and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315
SHA-256 | 336212c2c1cb70fe9f9cf1cc5dea09e7417703255f38a4eecbdee96db3af464e
Red Hat Security Advisory 2022-0843-01
Posted Mar 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0843-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Issues addressed include bypass, code execution, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0566, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486
SHA-256 | 91b426f8c1cb90853402f23c2cdfe36ee62902648c19f9212e72ae35ea4c6e81
Red Hat Security Advisory 2022-0845-01
Posted Mar 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0845-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Issues addressed include bypass, code execution, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0566, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486
SHA-256 | 6f7449ee9aa149026be585b4ca891c22521d3999d98cdfa9f63ca632be9c7574
Red Hat Security Advisory 2022-0847-01
Posted Mar 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0847-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Issues addressed include bypass, code execution, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0566, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486
SHA-256 | 7b6191839615d6bc0f12d270d42e5ec64d0f8c3fd8c3fd2e1dc39b8cec0853af
Red Hat Security Advisory 2022-0850-01
Posted Mar 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0850-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Issues addressed include bypass, code execution, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0566, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486
SHA-256 | 1b96a1bc9f83c45d739f7ddb29c6782a077745a81ad1e808806c264b4902c914
Red Hat Security Advisory 2022-0853-01
Posted Mar 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0853-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.7.0. Issues addressed include bypass, code execution, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-0566, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486
SHA-256 | ab930cd0ca57a6f710760cb8bf8f9c5fc2675425b03472f734565c6e7538a774
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close