206 matches found
CVE-2022-2309
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-13 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/... |
RHEL 10 : fence-agents (RHSA-2026:2309)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2309 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
MiracleLinux 9 : python-lxml-4.6.5-3.el9 (AXSA:2023-4609:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4609:01 advisory. lxml: NULL Pointer Dereference in lxml CVE-2022-2309 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
EUVD-2026-2309
In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size. 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst. Address the issue by only processing...
CVE-2024-2309
The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress plugin before 5.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html...
CVE-2023-2309
The wpForo Forum WordPress plugin before 2.1.9 does not escape some request parameters while in debug mode, leading to a Reflected Cross-Site Scripting vulnerability...
CVE-2021-2309
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
CVE-2013-2309
Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme."...
CVE-2002-2309
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments...
CVE-2025-2309
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-14 21:44:53+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7644 |
| 2025-03-14 23:24:24+00:00 | seen | https://t.me/cvedetector/20343 |
| 2025-03-15 00:51:35+00:00 | seen | ... |
CVE-2025-2309 HDF5 Type Conversion Logic H5T__bit_copy heap-based overflow
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...
Linux Distros Unpatched Vulnerability : CVE-2022-2309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10...
Fedora 38 : python-lxml (2022-3ff6a5e8ab)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3ff6a5e8ab advisory. Automatic update for python-lxml-4.9.1-1.fc38. Changelog Wed Sep 14 2022 Charalampos Stratakis - 4.9.1-1 - Update to 4.9.1 - Fix for CVE-2022-2309 - Resolves...
Microsoft Configuration Manager SQL Injection Vulnerability
Microsoft Configuration Manager is a Microsoft solution for managing computers and servers within an organization that helps IT departments keep software up to date, set configuration and security policies, and monitor system status. A SQL injection vulnerability exists in Microsoft Configuration...
Debian dla-3878 : libxml2 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3878 advisory. Debian LTS Advisory DLA-3878-1 [email protected]...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2142)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2122)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2024-2122)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used...
EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2024-2142)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used...
Advisory ROSA-SA-2024-2467
software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-5 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is related to memory usage after it is freed. Exploitation of the vulnerabili...