Lucene search
K

36 matches found

OSV
OSV
added 2022/02/26 5:15 a.m.3 views

UBUNTU-CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...

7.5CVSS6.8AI score0.0601EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/07/07 12:0 a.m.5 views

The vulnerability of the `xmlEncodeEntitiesInternal` function in the `libxml2/entities.c` file of the Libxml2 library involves reading data beyond the allowed buffer limits. This allows attackers to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the xmlEncodeEntitiesInternal function in the libxml2/entities.c file of the Libxml2 library is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service interruptions...

6.5CVSS7.1AI score0.03672EPSS
Exploits1References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/10/01 12:0 a.m.4 views

The vulnerability in the parser.c component of the libxml2 library allows a hacker to trigger a service failure.

The vulnerability of the parser.c component in the libxml2 library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability can allow an attacker to cause service failures...

5CVSS6.7AI score0.05515EPSS
Exploits0References16Affected Software9
CNVD
CNVD
added 2020/03/26 12:0 a.m.3 views

Buffer overflow vulnerability in libxml2 component of multiple Apple products (CNVD-2020-22134)

Apple iOS is an operating system for mobile devices. apple watchOS is an operating system for smartwatches. apple iPadOS is an operating system for iPad tablets. libxml2 is one of the XML document parsing libraries. A buffer overflow vulnerability exists in the libxml2 component of several Apple...

9.8CVSS7.9AI score0.02964EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/02/07 11:1 p.m.26 views

rubygem-loofah: XSS vulnerability due to unescaped comments within attributes by libxml2

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment...

6.1CVSS6.7AI score0.01984EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/08/04 12:0 a.m.78 views

Debian Security Advisory DSA 3637-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1706 Pinkie Pie...

9.3CVSS0.5AI score0.0246EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2016/08/02 12:0 a.m.43 views

Debian DSA-3637-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1706 Pinki...

9.6CVSS7AI score0.0246EPSS
Exploits2References40
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.4 views

The vulnerability of the libxml2 library, which allows a hacker to trigger a service failure

The vulnerability of the xmlDictComputeFastQKey function in the dict.c file of the libxml2 library is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

5CVSS7.8AI score0.0721EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/06/09 12:0 a.m.7 views

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code

The vulnerability of the libxml2 library in iOS and Mac OS X operating systems arises due to buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure memory corruption using a specially crafted XML document...

7.5CVSS7.5AI score0.07347EPSS
Exploits2References14Affected Software6
RedHat Linux
RedHat Linux
added 2015/07/20 2:6 p.m.6 views

libxml2: denial of service processing a crafted XML document

A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory...

5CVSS6.8AI score0.0634EPSS
Exploits0References4
OSV
OSV
added 2015/05/01 12:0 a.m.27 views

DSA-3243-1 libxml-libxml-perl - security update

Bulletin has no description...

5CVSS9.3AI score0.04013EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2014/05/19 11:10 a.m.5 views

libxml2: external parameter entity loaded when entity substitution is disabled

It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...

4.3CVSS6.7AI score0.081EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2013/12/03 12:0 a.m.31 views

VMware ESXi security update for third party library (VMSA-2013-0004) - Remote Version Check

The remote ESXi is missing one or more security related Updates from VMSA-2013-0004. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

6.8CVSS8.4AI score0.04382EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/11/13 12:0 a.m.48 views

ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Errors exist in the Libxml2 library functions 'xmlXPathNextPrecedingSibling', 'xmlNodePtr' and 'xmlXPathNextPrecedingInternal' that could allow denial of service attacks or arbitrary code execution...

9.3CVSS8AI score0.13727EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2013/11/13 12:0 a.m.82 views

ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by the following vulnerabilities : - An off-by-one overflow condition exists in the xmlXPtrEvalXPtrPart function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, t...

7.9CVSS8.5AI score0.04382EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2012/09/22 12:0 a.m.32 views

CentOS Update for libxml2 CESA-2012:1288 centos6

Check for the Version of libxml2 OpenVAS Vulnerability Test CentOS Update for libxml2 CESA-2012:1288 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

6.8CVSS0.0266EPSS
Exploits0References2
Rows per page
Query Builder