Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1130)
The remote host is missing an update for the Huawei...
7.8CVSS
8.5AI Score
0.004EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.315.5] - Revert 'xfs: Lower CIL flush limit for large logs' (Sherry Yang) [Orabug: 34917369] - Revert 'xfs: Throttle commits on delayed background CIL push' (Sherry Yang) [Orabug: 34917369] - Revert 'xfs: fix use-after-free on CIL context on shutdown' (Sherry Yang) [Orabug:...
7.8CVSS
-0.5AI Score
0.001EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.315.5] - Revert 'xfs: fix use-after-free on CIL context on shutdown' (Sherry Yang) [Orabug: 34917369] [5.4.17-2136.315.4] - net/mlx5: Suppress error logging on UCTX creation (Marina) [Orabug: 34888473] - uek-rpm: Add ptp_kvm.ko to nano rpm (Somasundaram Krishnasamy) [Orabug:...
7.8CVSS
-0.6AI Score
0.001EPSS
Unbreakable Enterprise kernel-container security update
[4.14.35-2047.521.4.el7] - tcp: Tunables for TCP delayed ack (min and max) timers (Venkat Venkatsubra) [Orabug: 34883100] [4.14.35-2047.521.3.el7] - Revert 'random: use expired timer rather than wq for mixing fast pool' (Saeed Mirzamohammadi) [Orabug: 34918228] [4.14.35-2047.521.2.el7] -...
7.8CVSS
0.0004EPSS
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1106)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1130)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
8AI Score
0.004EPSS
EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2023-1016)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. Recent assessments: h00die-gr3y at January 14, 2023 6:25pm UTC reported: This vulnerability is all...
9.8CVSS
0.974EPSS
EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2023-1041)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
0.2AI Score
0.004EPSS
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other...
7.9CVSS
7.1AI Score
0.0004EPSS
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of...
7.8CVSS
7.7AI Score
0.001EPSS
My age+YubiKeys Password Management Solution
Password managers are in the news, and it's the holidays, so it's as good a time as ever to describe my password and secret management setup. It's very much not for everyone, but it's minimal, simple, and has some interesting security properties: even if my laptop were compromised, it would take...
6.7AI Score
Fedora 36 : libxml2 / xmlsec1 (2022-aeafd24818)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2022-aeafd24818 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
7.8CVSS
-0.2AI Score
0.004EPSS
OpenImageIO TIFF file string field information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1627 OpenImageIO TIFF file string field information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41977 SUMMARY An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A.....
3.3CVSS
-0.5AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2837)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2863)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
EulerOS 2.0 SP10 : yajl (EulerOS-SA-2022-2837)
According to the versions of the yajl package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow...
7.5CVSS
8.6AI Score
0.01EPSS
macOS 12.x < 12.6.2 Multiple Vulnerabilities (HT213533)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.2. It is, therefore, affected by multiple vulnerabilities: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able to...
9.8CVSS
7.9AI Score
0.01EPSS
macOS 11.x < 11.7.2 Multiple Vulnerabilities (HT213534)
The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.2. It is, therefore, affected by multiple vulnerabilities: This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2....
9.8CVSS
7.8AI Score
0.01EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.314.6.2] - proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34883034] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34883034] {CVE-2022-4378} [5.4.17-2136.314.6.1] - RDMA/uverbs: Move...
7.8CVSS
0.6AI Score
0.0005EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.314.6.2.el7] - proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34883034] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34883034] {CVE-2022-4378} [5.4.17-2136.314.6.1.el7] - RDMA/uverbs:...
7.8CVSS
0.6AI Score
0.0005EPSS
Amazon Linux 2022 : libxml2 (ALAS2022-2022-258)
The version of libxml2 installed on the remote host is prior to 2.10.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-258 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the ...
7.8CVSS
0.004EPSS
Amazon Linux 2022 : xmlsec1 (ALAS2022-2022-257)
The version of xmlsec1 installed on the remote host is prior to 1.2.33-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-257 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the ...
7.8CVSS
0.004EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2812)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-2800)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled,...
7.8CVSS
0.2AI Score
0.004EPSS
EulerOS 2.0 SP8 : yajl (EulerOS-SA-2022-2812)
According to the versions of the yajl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow...
7.5CVSS
8.5AI Score
0.01EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : libxml2 vulnerabilities (USN-5760-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5760-1 advisory. NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies...
7.8CVSS
8.3AI Score
0.005EPSS
Ubuntu 16.04 ESM : libxml2 vulnerabilities (USN-5760-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5760-2 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
7.8CVSS
8.3AI Score
0.004EPSS
The Bug Report – November 2022 Edition
The Bug Report — November 2022 Edition By Trellix · December 07, 2022 This blog was written by Austin Emmitt Like granny always said, “never hack on an empty stomach.” Why am I here? This year I am thankful for some vivifying vulnerabilities and exceptional exploits! The world of enterprise...
9.3AI Score
0.492EPSS
The Bug Report – November 2022 Edition
The Bug Report — November 2022 Edition By Trellix · December 07, 2022 This blog was written by Austin Emmitt Like granny always said, “never hack on an empty stomach.” Why am I here? This year I am thankful for some vivifying vulnerabilities and exceptional exploits! The world of enterprise...
8.7AI Score
0.492EPSS
NVIDIA has released a software update for NVIDIA® Jetson AGX Xavier™ series, Jetson Xavier™ NX, Jetson TX1, Jetson TX2 series (including Jetson TX2 NX), and Jetson Nano™ devices (including Jetson Nano 2GB) in the NVIDIA JetPack™ software development kit (SDK). The update addresses security issues.....
7.9CVSS
2.6AI Score
0.001EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
6.9AI Score
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
7.3AI Score
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
4AI Score
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
4AI Score
0.046EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.5CVSS
8.3AI Score
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault....
7.5CVSS
7AI Score
0.004EPSS
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
7.1AI Score
0.004EPSS
Oracle Linux 9 : yajl (ELSA-2022-8252)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8252 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads...
7.5CVSS
8.3AI Score
0.01EPSS
Oracle Linux 8 : yajl (ELSA-2022-7524)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7524 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads...
7.5CVSS
8.3AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2751)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
Huawei EulerOS: Security Advisory for yajl (EulerOS-SA-2022-2786)
The remote host is missing an update for the Huawei...
7.5CVSS
7.8AI Score
0.01EPSS
EulerOS 2.0 SP9 : yajl (EulerOS-SA-2022-2786)
According to the versions of the yajl package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow...
7.5CVSS
8.6AI Score
0.01EPSS
EulerOS 2.0 SP9 : yajl (EulerOS-SA-2022-2751)
According to the versions of the yajl package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow...
7.5CVSS
8.6AI Score
0.01EPSS
AlmaLinux 8 : yajl (ALSA-2022:7524)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7524 advisory. yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to...
7.5CVSS
8.3AI Score
0.01EPSS
macOS 13.x < 13.0.1 Multiple Vulnerabilities (HT213504)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.0.1. It is, therefore, affected by multiple vulnerabilities: An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
7.8CVSS
7.3AI Score
0.004EPSS
SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:3871-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3871-1 advisory. Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709) An issue was...
7.8CVSS
7.6AI Score
0.004EPSS
Debian DLA-3172-1 : libxml2 - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3172 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer...
7.8CVSS
7.8AI Score
0.004EPSS
SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:3717-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3717-1 advisory. Possible cross-site scripting vulnerability in libxml after commit 960f0e2. (CVE-2016-3709) An issue was discovered in libxml2...
7.8CVSS
7.6AI Score
0.004EPSS