Lucene search
K

609 matches found

BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Libxml2 software library for analyzing XML documents lies in the fact that an out-of-bound operation can be executed, allowing an attacker to cause a service failure.

The vulnerability of the Libxml2 software library for analyzing XML documents relates to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...

4.3CVSS6.8AI score0.03121EPSS
Exploits2References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2 package in the SUSE Linux Enterprise operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

6.8CVSS7.4AI score0.04382EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-2.5.10 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

10CVSS5.4AI score0.21686EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the libxml2 package up to version 2.9.1-r4 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

4.3CVSS6.7AI score0.081EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the Gentoo Linux operating system, which allows a malicious intruder to compromise the accessibility of protected information

The vulnerability of the libxml2 package up to version 2.9.2 in the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. This vulnerability can be exploited remotely...

5CVSS6.6AI score0.03988EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2015/01/21 2:59 p.m.27 views

CVE-2014-0191

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

4.3CVSS7.3AI score0.081EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2014/12/05 12:0 a.m.36 views

F5 Networks BIG-IP : libxml2 vulnerability (SOL15872)

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.3AI score0.03988EPSS
Exploits1References2
Prion
Prion
added 2014/11/04 4:55 p.m.29 views

Privilege escalation

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.6AI score0.03988EPSS
Exploits1References23Affected Software5
Tenable Nessus
Tenable Nessus
added 2014/10/28 12:0 a.m.21 views

Ubuntu 14.04 LTS : libxml2 vulnerability (USN-2389-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2389-1 advisory. It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a...

5CVSS6.6AI score0.03988EPSS
Exploits1References2
OSV
OSV
added 2014/10/27 1:8 p.m.4 views

USN-2389-1 libxml2 vulnerability

It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service...

5CVSS6.7AI score0.03988EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/10/24 12:0 a.m.29 views

Mandriva Linux Security Advisory : libxml2 (MDVSA-2014:204)

A vulnerability has been found and corrected in libxml2 : A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, wou...

5CVSS6.2AI score0.03988EPSS
Exploits1References2
OSV
OSV
added 2014/10/16 12:0 a.m.10 views

UBUNTU-CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.7AI score0.03988EPSS
Exploits1References4
OSV
OSV
added 2014/01/21 6:55 p.m.9 views

CVE-2013-0339

libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service resource consumption, send HTTP requests to intranet servers,...

6.6AI score
Exploits0References16
Cvelist
Cvelist
added 2014/01/21 6:0 p.m.27 views

CVE-2013-0339

libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service resource consumption, send HTTP requests to intranet servers,...

9.1AI score0.03609EPSS
Exploits1References15
OSV
OSV
added 2013/07/10 10:55 a.m.8 views

CVE-2013-2877

parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state...

5.8AI score0.04733EPSS
Exploits0References18
securityvulns
securityvulns
added 2013/05/09 12:0 a.m.63 views

[USN-1817-1] libxml2 vulnerability

========================================================================== Ubuntu Security Notice USN-1817-1 May 07, 2013 libxml2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

7.5CVSS1.5AI score0.03819EPSS
Exploits1
NVD
NVD
added 2013/04/25 11:55 p.m.17 views

CVE-2013-1969

Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to the 1 htmlParseChunk and 2 xmldecldone functions, as demonstrated by a buffer...

7.5CVSS8AI score0.03819EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2013/01/31 7:14 p.m.6 views

libxml2: double free caused by malformed XPath expression in XSLT

Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression...

7.5CVSS6AI score0.01991EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/11/29 6:41 p.m.5 views

libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

6.8CVSS7.9AI score0.04382EPSS
Exploits1References4
OSV
OSV
added 2012/11/28 1:55 a.m.6 views

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

7.9AI score0.04382EPSS
Exploits1References22
Rows per page
Query Builder