Siemens: >> Sinema Remote Connect Server Security Vulnerabilities
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVSS Score
9.8
EPSS Score
0.017
Published
2022-01-24
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-01-10
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-01-10
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
9.8
EPSS Score
0.013
Published
2022-01-10
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-01-10
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-01-10
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-01-10
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVSS Score
8.1
EPSS Score
0.041
Published
2022-01-06
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
CVSS Score
8.8
EPSS Score
0.003
Published
2022-01-01
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.
CVSS Score
7.5
EPSS Score
0.024
Published
2021-10-18