Vulnerabilities in libxml2 (CVE-2026-0989 CVE-2026-0990 CVE-2026-0992) affect AIX

IBM SECURITY ADVISORY First Issued: Thu May 28 14:13:09 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2advisory11.asc Security Bulletin: Vulnerabilities in libxml2 CVE-2026-0989, CVE-2026-0990, CVE-2026-0992,...

ROOT-OS-DEBIAN-13-CVE-2026-0992 CVE-2026-0992 in rootio-libxml2 - Patched by Root

Root has patched CVE-2026-0992 in the rootio-libxml2 package for Root:Debian:13. Multiple fixed versions available...

Photon OS 4.0: Imagemagick PHSA-2026-4.0-0992

An update of the ImageMagick package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0992. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Important Photon OS Security Update - PHSA-2026-4.0-0992

Updates of 'ImageMagick' packages of Photon OS have been released...

Slackware: Security Advisory (SSA:2026-070-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:20631-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2026:0605-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0605-1 advisory. - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in...

openSUSE Security Advisory (SUSE-SU-2026:0570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...

CVE-2026-0992

creationtimestamp| type| source ---|---|--- 2026-02-08 12:01:14+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3medv5qnloz2s 2026-02-23 12:01:40+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mfjm6a7nip2h 2026-03-05 08:02:33+00:00| seen|...

Ubuntu: Security Advisory (USN-7974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

CVE-2021-0992

In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2022-0992

The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated and unauthorized users to configure 2FA for pending...

TencentOS Server 4: flatpak (TSSA-2024:0992)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0992 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2013-0992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and...

CVE-2024-0992

creationtimestamp| type| source ---|---|--- 2024-01-29 02:26:17+00:00| seen| https://t.me/ctinow/175045 2024-02-21 09:06:42+00:00| seen| https://t.me/ctinow/189357...

CVE-2024-0992 Tenda i6 httpd wifiSSIDset formwrlSSIDset stack-based overflow

A vulnerability was found in Tenda i6 1.0.0.93857 and classified as critical. This issue affects the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. T...

CVE-2024-0992

CVE-2024-0992 affects Tenda i6 1.0.0.9(3857) in the httpd component via the formwrlSSIDset function at /goform/wifiSSIDset. The index argument manipulation leads to a stack-based buffer overflow, enabling remote exploitation (attack vector: network; impact: high confidentiality, integrity, and av...