20 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-1684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attacke...
Debian: Security Advisory (DLA-514-1)
The remote host is missing an update for the Debian...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2020-1442)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.2.2 : libxslt (EulerOS-SA-2020-1442)
According to the versions of the libxslt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2519)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2627)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2627)
According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to caus...
Fedora 30 : mingw-libxslt (2019-320d5295fc)
Update to 1.1.33 Fix CVE-2016-1841, CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, CVE-2016-4609, CVE-2019-11068, CVE-2016-1684, CVE-2016-1683, CVE-2016-4738. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
About the security content of iTunes 12.4.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Copy-Paste Vulnerability (CPV) Through Libxslt
nokogiri has a copied version of the libxslt library. The copy that nokogiri includes is vulnerable to the following issues: 1. CVE-2016-1683 - Denial of Service (DoS) via an out-of-bounds heap memory access. This is caused by libxslt mishandling namespace nodes leading to out-of-bounds heap memory...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes running on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker can...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker c...
FreeBSD : libxslt -- Denial of Service (1a2aa04f-3718-11e6-b3c8-14dae9d210b8)
Google reports : - 583156 Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas Gregoire. - 583171 Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas Gregoire...
[SECURITY] [DSA 3605-1] libxslt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3605-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3605-1] libxslt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3605-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 514-1] libxslt security update
Package : libxslt Version : 1.1.26-14.1+deb7u1 CVE ID : CVE-2015-7995 CVE-2016-1683 CVE-2016-1684 Several vulnerabilities were found in libxslt. CVE-2015-7995 A missing type check could cause an application crash via an especially crafted file. CVE-2016-1683 An out of bounds heap access bug was...
USN-2992-1: Oxide vulnerabilities
An unspecified security issue was discovered in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1673 An issue was discovered with Document reattachment in Blink in some circumstances. ...
CVE-2016-1684
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document...
CVE-2016-1684
CVE-2016-1684 is a libxslt vulnerability listed in Apple advisories and related OS X/iOS updates. Connected documents indicate libxslt multiple memory corruption issues were addressed (no explicit root-cause or fix version provided in the sources). Affected products include libxslt in Apple platf...
UBUNTU-CVE-2016-1684
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document...