36 matches found
UBUNTU-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
The vulnerability of the `xmlEncodeEntitiesInternal` function in the `libxml2/entities.c` file of the Libxml2 library involves reading data beyond the allowed buffer limits. This allows attackers to access confidential data and also trigger a denial-of-service attack.
The vulnerability of the xmlEncodeEntitiesInternal function in the libxml2/entities.c file of the Libxml2 library is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service interruptions...
The vulnerability in the parser.c component of the libxml2 library allows a hacker to trigger a service failure.
The vulnerability of the parser.c component in the libxml2 library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability can allow an attacker to cause service failures...
Buffer overflow vulnerability in libxml2 component of multiple Apple products (CNVD-2020-22134)
Apple iOS is an operating system for mobile devices. apple watchOS is an operating system for smartwatches. apple iPadOS is an operating system for iPad tablets. libxml2 is one of the XML document parsing libraries. A buffer overflow vulnerability exists in the libxml2 component of several Apple...
rubygem-loofah: XSS vulnerability due to unescaped comments within attributes by libxml2
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment...
Debian Security Advisory DSA 3637-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1706 Pinkie Pie...
Debian DSA-3637-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1706 Pinki...
The vulnerability of the libxml2 library, which allows a hacker to trigger a service failure
The vulnerability of the xmlDictComputeFastQKey function in the dict.c file of the libxml2 library is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code
The vulnerability of the libxml2 library in iOS and Mac OS X operating systems arises due to buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure memory corruption using a specially crafted XML document...
libxml2: denial of service processing a crafted XML document
A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory...
DSA-3243-1 libxml-libxml-perl - security update
Bulletin has no description...
libxml2: external parameter entity loaded when entity substitution is disabled
It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...
VMware ESXi security update for third party library (VMSA-2013-0004) - Remote Version Check
The remote ESXi is missing one or more security related Updates from VMSA-2013-0004. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...
ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Errors exist in the Libxml2 library functions 'xmlXPathNextPrecedingSibling', 'xmlNodePtr' and 'xmlXPathNextPrecedingInternal' that could allow denial of service attacks or arbitrary code execution...
ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by the following vulnerabilities : - An off-by-one overflow condition exists in the xmlXPtrEvalXPtrPart function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, t...
CentOS Update for libxml2 CESA-2012:1288 centos6
Check for the Version of libxml2 OpenVAS Vulnerability Test CentOS Update for libxml2 CESA-2012:1288 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...