Lucene search
K

63 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : libxml2-2.9.7-12.el8 (AXSA:2022-3108:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3108:01 advisory. libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

7.5CVSS7.3AI score0.0601EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/11/09 1:37 p.m.5 views

Advisory ROSA-SA-2025-3048

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2016-3709 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libxml2 library is related to the failure to take measures to...

9.8CVSS8.3AI score0.22791EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.30 views

Rocky Linux 8 : libxml2 (RLSA-2022:0899)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0899 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Nessus has not tested for this issue but has instead...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References3
Amazon
Amazon
added 2023/05/03 12:0 a.m.64 views

Medium: libxml2

Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...

9.8CVSS7.8AI score0.22791EPSS
Exploits8
ALT Linux
ALT Linux
added 2023/02/02 12:0 a.m.75 views

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1.p10.1

1:2.9.12-alt1.p10.1 built Feb. 2, 2023 Alexander Danilov in task 314068 Jan. 24, 2023 Alexander Danilov - Applied security fixes from upstream Fixes: CVE-2022-23308, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304...

4.3CVSS7.7AI score0.22791EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/01/06 12:0 a.m.23 views

EulerOS Virtualization 3.0.2.6 : libxml2 (EulerOS-SA-2023-1057)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/11/30 12:0 a.m.29 views

Tenable Nessus < 8.15.7 Multiple Vulnerabilities (TNS-2022-26)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8CVSS8.5AI score0.1593EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.33 views

Tenable Nessus < 10.3.1 Multiple Vulnerabilities (TNS-2022-20)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8CVSS8.4AI score0.1593EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2022/11/10 12:0 a.m.33 views

Tenable Nessus 8.x < 8.15.7 Multiple Vulnerabilities (TNS-2022-26)

According to its self-reported version, the Tenable Nessus application running on the remote host is 8.x prior to 8.15.7. It is, therefore, affected by multiple vulnerabilities, including: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - zlib...

9.8CVSS7.6AI score0.1593EPSS
Exploits8References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/28 7:52 p.m.56 views

Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities

Summary IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities. These components have been updated in the latest release and the vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest...

9.8CVSS9.9AI score0.51733EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.40 views

EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-2572)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 - In libxml2 before 2.9.14,...

7.5CVSS7.5AI score0.0601EPSS
Exploits5References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/16 7:40 p.m.80 views

Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)

Summary A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. Vulnerability Details...

7.5CVSS7.7AI score0.10608EPSS
Exploits3Affected Software1
OpenVAS
OpenVAS
added 2022/08/01 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2202)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.0601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.17 views

EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2022-2183)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.18 views

EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2022-2202)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2022/07/29 12:0 a.m.33 views

USN-5422-1: libxml2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly...

7.5CVSS8.3AI score0.0601EPSS
Exploits5Affected Software3
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.37 views

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:2552-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2552-1 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 - In libxml...

7.5CVSS7.5AI score0.0601EPSS
Exploits5References7
OpenVAS
OpenVAS
added 2022/07/27 12:0 a.m.20 views

openSUSE: Security Advisory for libxml2 (SUSE-SU-2022:2552-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.4AI score0.0601EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2022/07/27 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2022:2552-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.0601EPSS
Exploits5References2
OSV
OSV
added 2022/07/26 12:55 p.m.7 views

SUSE-SU-2022:2552-1 Security update for libxml2

This update for libxml2 fixes the following issues: Update to 2.9.14: - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c xmlBuf and tree.c xmlBuffer bsc1199132. Update to version 2.9.13: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF...

7.5CVSS6.8AI score0.0601EPSS
Exploits5References5
Rows per page
Query Builder