
53 matches found

Tenable Nessus
added 2025/11/13 12:0 a.m., 5 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2021-3517)

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6 CVSS, 6.7 AI score, 0.0828 EPSS
Exploits 0, References 3
Rosalinux
added 2025/11/09 1:37 p.m., 4 views

Advisory ROSA-SA-2025-3048

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2016-3709 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libxml2 library is related to the failure to take measures to...

9.8 CVSS, 8.3 AI score, 0.22791 EPSS
Exploits 13
Tenable Nessus
added 2025/06/16 12:0 a.m., 5 views

TencentOS Server 3: libxml2 (TSSA-2022:0210)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0210 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8 CVSS, 7.2 AI score, 0.0828 EPSS
Exploits 1, References 6
Tenable Nessus
added 2025/05/14 12:0 a.m., 9 views

Alibaba Cloud Linux 3 : 0047: libxml2 (ALINUX3-SA-2021:0047)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0047 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3516: There's a flaw in libxml2's...

8.8 CVSS, 7.2 AI score, 0.0828 EPSS
Exploits 1, References 6
Rosalinux
added 2025/02/24 12:28 p.m., 14 views

Advisory ROSA-SA-2025-2710

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1 CVE-ID: CVE-2021-3518 BDU-ID: 2021-05283 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xinclude.c component of the Libxml2 library is related to memory usage after it has been freed. Exploitation of th...

8.8 CVSS, 7.4 AI score, 0.0828 EPSS
Exploits 0
Broadcom
added 2024/07/30 12:0 a.m., 8 views

Multiple Vulnerabilities within libxml2 (CVE-2020-24977, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2023-29469, CVE-2023-28484, CVE-2022-40303, CVE-2022-40304, CVE-2021-3541)

Brocade Fibre Channels products are affected by multiple Libxml2 vulnerabilities. CVE-2020-24977 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at...

8.8 CVSS, 5.6 AI score, 0.22791 EPSS
Exploits 4
Tenable Nessus
added 2024/05/11 12:0 a.m., 27 views

RHEL 7 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Missing validation for external entities in xmlParsePEReference CVE-2017-7375 - libxml2:...

9.5 AI score, 0.22791 EPSS
Exploits 19, References 24
Tenable Nessus
added 2024/05/02 12:0 a.m., 32 views

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0215)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0215 advisory. - Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very...

8.8 CVSS, 7.7 AI score, 0.0828 EPSS
Exploits 3, References 10
Tenable Nessus
added 2024/02/29 12:0 a.m., 30 views

CentOS 9 : libxml2-2.9.12-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libxml2-2.9.12-4.el9 build changelog. - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2019-20388 - GNOME project libxml2...

8.8 CVSS, 7.4 AI score, 0.0828 EPSS
Exploits 2, References 8
IBM Security Bulletins
added 2023/12/07 11:0 p.m., 39 views

Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in Libxml2

Summary: The following vulnerabilities in Libxml2 have been addressed by IBM Flex System switch firmware products. Vulnerability Details: CVEID: CVE-2021-3517 DESCRIPTION: GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal in...

8.6 CVSS, 8.6 AI score, 0.0828 EPSS
Exploits 0, Affected Software 4
Amazon
added 2023/05/03 12:0 a.m., 64 views

Medium: libxml2

Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...

9.8 CVSS, 7.8 AI score, 0.22791 EPSS
Exploits 8
Circl
added 2023/02/16 11:40 a.m., 4 views

CVE-2021-3517

creationtimestamp | type | source
---|---|---
2023-02-16 11:40:08+00:00 | seen | https://t.me/truesecator/4074...

8.6 CVSS, 7.1 AI score, 0.0828 EPSS
Exploits 0, References 1
SUSE CVE
added 2023/02/15 3:49 a.m., 3 views

SUSE CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6 CVSS, 9.2 AI score, 0.0828 EPSS
Exploits 0, References 142
Tenable Nessus
added 2023/01/04 12:0 a.m., 35 views

Amazon Linux 2 : libxml2 (ALAS-2021-1662)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1662 advisory. GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at...

8.6 CVSS, 7.5 AI score, 0.0828 EPSS
Exploits 1, References 7
Tenable Nessus
added 2022/04/21 12:0 a.m., 234 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 (RHSA-2022:1389)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1389 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This...

9.8 CVSS, 7.5 AI score, 0.70561 EPSS
Exploits 3, References 18
RedHat Linux
added 2022/04/20 7:44 p.m., 438 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security...

9.8 CVSS, 7.2 AI score, 0.70561 EPSS
Exploits 3, References 9
OpenVAS
added 2022/02/13 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1131)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 7.8 AI score, 0.0828 EPSS
Exploits 1, References 2
Tenable Nessus
added 2022/02/12 12:0 a.m., 51 views

EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-1082)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...

8.8 CVSS, 7.1 AI score, 0.0828 EPSS
Exploits 1, References 6
OpenVAS
added 2022/01/28 12:0 a.m., 30 views

Mageia: Security Advisory (MGASA-2021-0213)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 7.8 AI score, 0.0828 EPSS
Exploits 1, References 6
NCSC
added 2022/01/19 12:0 a.m., 30 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in the following products: Solaris Operating System Sun ZFS Storage Appliance Kit AK Software Sun ZFS Storage Application Integration Engineering Software Fujitsu SPARC Servers Firmware The vulnerability with CVE attribute CVE-2021-2351 allows for an unauthorized...

8.6 CVSS, 8.3 AI score, 0.50732 EPSS
Exploits 7