Lucene search
+L

612 matches found

F5 Networks
F5 Networks
added 2025/08/11 9:36 a.m.9 views

K000152952: libxml2 vulnerability CVE-2025-6021

Security Advisory Description A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Impact...

7.5CVSS7.8AI score0.01067EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-40896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers t...

9.1CVSS7.3AI score0.01192EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/10 5:14 p.m.9 views

CVE-2025-8732

A flaw was found in libxml2. The xmlParseSGMLCatalog function within the xmlcatalog component exhibits uncontrolled recursion when processing a specially crafted catalog file. A local attacker can trigger this recursive behavior, which can lead to an application level denial of service. Mitigatio...

4.8CVSS4AI score0.00202EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-6021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue...

7.5CVSS6.9AI score0.01067EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2025/08/08 7:55 p.m.7 views

K000152930: libxml2 vulnerability CVE-2025-24928

Security Advisory Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. CVE-2025-24928 Impact...

7.8CVSS7.4AI score0.00372EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/08 5:15 p.m.7 views

CVE-2025-8732

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS0.00202EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/08/08 4:32 p.m.7 views

CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS3.9AI score0.00202EPSS
Exploits1References6
CVE
CVE
added 2025/08/08 4:32 p.m.111 views

CVE-2025-8732

CVE-2025-8732 affects libxml2 up to 2.14.5, with a vulnerability in xmlParseSGMLCatalog that can trigger uncontrolled recursion during SGML catalog processing. Local attackers are required, and exploit details have circulated publicly; the real-world impact remains debated in some sources. Severa...

4.8CVSS4AI score0.00202EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

libxml2 安全漏洞

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 version 2.14.5 and earlier, which stems from an uncontrolled recursion problem...

4.8CVSS4.2AI score0.00202EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.6 views

PT-2025-32375

Name of the Vulnerable Software and Affected Versions libxml2 versions up to 2.14.5 Description A vulnerability exists in libxml2 related to uncontrolled recursion within the xmlParseSGMLCatalog function of the xmlcatalog component. The issue can be triggered with untrusted SGML catalogs. The...

6.2CVSS4AI score0.00755EPSS
Exploits4References50
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

AlmaLinux 9 : libxml2 (ALSA-2025:13428)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13428 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox providin...

7.5CVSS6.5AI score0.00559EPSS
Exploits2References4
Redos
Redos
added 2025/08/07 12:0 a.m.4 views

ROS-20250807-01

A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stacked buffer overflow. Exploitation The vulnerability could allow a remote attacker to cause a denial of service...

7.5CVSS6.6AI score0.01067EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

RHEL 9 : libxml2 (RHSA-2025:13314)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13314 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: Heap Use-After-Free in...

7.8CVSS6.5AI score0.00339EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

RHEL 9 : libxml2 (RHSA-2025:13309)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13309 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: Heap Use-After-Free in...

7.8CVSS6.5AI score0.00339EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

RHEL 9 : libxml2 (RHSA-2025:13312)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13312 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: Heap Use-After-Free in...

7.8CVSS6.5AI score0.00339EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

RHEL 10 : libxml2 (RHSA-2025:13429)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13429 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

7.5CVSS6.6AI score0.00559EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

CentOS 9 : libxml2-2.9.13-12.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libxml2-2.9.13-12.el9 build changelog. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To...

7.5CVSS6.7AI score0.00559EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

RHEL 9 : libxml2 (RHSA-2025:13428)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13428 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

7.5CVSS6.6AI score0.00559EPSS
Exploits2References7
Rosalinux
Rosalinux
added 2025/08/06 8:30 a.m.7 views

Advisory ROSA-SA-2025-2937

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-9 affected versions libxml2-2.9.14-9 CVE-ID: CVE-2025-32414 BDU-ID: 2025-05199 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Python API component of the libxml2 library involves incorrect validation of the return val...

7.5CVSS6.5AI score0.00355EPSS
Exploits1
Redos
Redos
added 2025/08/06 12:0 a.m.5 views

ROS-20250806-06

Vulnerability in the libxml2 XML file parsing library is related to boundary checking errors in the shell xmllint - shell.c. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

2.5CVSS7AI score0.00202EPSS
Exploits0
Rows per page
Query Builder