28 matches found
BIT-JAVA-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
PT-2026-38056
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
PT-2026-37849
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
Astra Linux - уязвимость в libxml2
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
Directory Traversal
Overview nltk is a Natural Language Toolkit NLTK is a Python package for natural language processing. Affected versions of this package are vulnerable to Directory Traversal via the XML index file downloader. An attacker can overwrite arbitrary files and create directories at unintended locations...
JLSEC-2025-74 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
EUVD-2013-6426
Malware in sbrugna...
EUVD-2025-20998
Malicious code in bioql PyPI...
EUVD-2022-28391
Malicious code in bioql PyPI...
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
UBUNTU-CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...
PT-2025-29101
Name of the Vulnerable Software and Affected Versions libxml2 and libxslt versions prior to 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4 libxslt versions 1.1.35-1.2+deb13u1 libxml2 versions prior to 2.9.14+dfsg-1.3deb12u4 libxml2 versions prior to 2.12.7+dfsg+really2.9.14-2.1+deb13u1 SLE 15 SP7...
CVE-2024-4227
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...
CVE-2024-4227
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...
PT-2024-20914 · Livemesh · Elementor Addons
Name of the Vulnerable Software and Affected Versions: Elementor Addons by Livemesh plugin for WordPress versions up to, and including, 8.3.6 Description: The issue is related to Stored Cross-Site Scripting via widget id attributes due to insufficient input sanitization and output escaping on...