433 matches found
Fedora 36 : libxml2 / xmlsec1 (2022-aeafd24818)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2022-aeafd24818 advisory. Update to 2.10.3 Fix CVE-2022-40303 Fix CVE-2022-40304 Tenable has extracted the preceding description block directly from the Fedora security...
CVE-2022-4719 Business Logic Errors in ikus060/rdiffweb
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5...
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be provoked.
...
CVE-2022-40304
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked...
CVE-2022-40304
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked...
CVE-2022-40304
CVE-2022-40304: libxml2 before 2.10.3 contains invalid XML entity definitions that can corrupt a hash table key, potentially triggering logic errors and, in at least one case, a double-free. Affected library is libxml2; CVSS v3.1 shows base score 7.8 (HIGH) with LOCAL access, high impact. Public ...
CVE-2022-40304
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked...
SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:3871-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3871-1 advisory. - Possible cross-site scripting vulnerability in libxml after commit 960f0e2. CVE-2016-3709 - An issue was...
Rdiffweb subject to Business Logic Errors
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
GHSA-JW36-MRVG-J5FX Rdiffweb subject to Business Logic Errors
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
Business Logic Errors
rdiffweb contains business logic errors. A privileged local attacker is able to disable multi factor authentication, which leads to unauthorized access...
CVE-2022-3363
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
Code injection
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
PYSEC-2022-42978
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
PYSEC-2022-42978
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
CVE-2022-3363 Business Logic Errors in ikus060/rdiffweb
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
CVE-2022-3363 Business Logic Errors in ikus060/rdiffweb
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
PT-2022-21793 · Rdiffweb · Rdiffweb
Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a7 Description: The issue concerns Business Logic Errors in the GitHub repository ikus060/rdiffweb. Recommendations: For versions prior to 2.5.0a7, update to version 2.5.0a7 or later to resolve the issue...
CVE-2022-3363 Business Logic Errors in ikus060/rdiffweb
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
CVE-2022-3363
CVE-2022-3363 affects rdiffweb prior to 2.5.0a7. The issue is described as business logic errors in the GitHub repository ikus060/rdiffweb. Practical impact is reflected by the high base scores in the CVSS vectors (critical in NVD). Affected component: rdiffweb software; root cause: business logi...