604 matches found
The vulnerability of the libxml2 library, which allows a hacker to cause a service failure or obtain confidential information
The vulnerability of the xmlSAX2TextNode function SAX2.c in the HTML parser of the libxml2 library is due to buffer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure application termination or obtain confidential information through specially crafted XML dat...
Cisco Adaptive Security Appliance Denial of Service Vulnerability (CNVD-2016-03383)
Cisco Adaptive Security Appliance ASA, Adaptive Security Appliance is a set of firewall appliances from the American company Cisco Cisco. The appliance also includes IPS Intrusion Prevention System, SSL VPN, IPSec VPN, anti-spam and other features. A security vulnerability exists in the XML parse...
Wireshark IEEE 802.11 parser denial of service vulnerability (CNVD-2016-02770)
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A denial of service vulnerability exists in the epan/dissectors/packet-ieee80211.c file in the IEEE 802.11 parser in versions 2.x prior to Wireshark 2.0.2. A remote attacker can...
Wireshark NFS Parser Denial of Service Vulnerability (CNVD-2016-02774)
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A denial of service vulnerability exists in the NFS parser in Wireshark versions 2.0.2 prior to 2.x. A remote attacker can exploit this vulnerability to cause a denial of service...
Wireshark NCP Parser Denial of Service Vulnerability (CNVD-2016-02649)
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A security vulnerability in the epan/dissectors/packet-ncp2222.inc file in the NCP parser in versions 2.0.x prior to Wireshark 2.0.3 can be exploited by remote attackers to cause a...
Wireshark MS-WSP parser denial of service vulnerability (CNVD-2016-02654)
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A security vulnerability in the epan/dissectors/packet-mswsp.c file in the MS-WSP parser in versions 2.0.x prior to Wireshark 2.0.3 can be exploited by remote attackers to cause a...
Wireshark DNP3 Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark's implementation of the DNP3 parser has a security vulnerability in the function dnp3alprocessobject in epan/dissectors/packet-dnp.c, which can be exploited by a remote attacker to cause a denial of service application crash...
Wireshark ASN.1 BER Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. A denial of service vulnerability exists in the Wireshark ASN.1 BER parser, which can be exploited by an attacker to cause a denial of service out-of-bounds read and application crash...
Libxml2 Denial of Service Vulnerability (CNVD-2016-01133)
Libxml2 is the GNOME project team developed a C-based language used to parse XML documents library , which supports a variety of encoding formats , Xpath parsing , Well-formed and valid validation and so on. A security vulnerability exists in the 'htmlParseNameComplex' function in the HTMLparser....
Wireshark ZigBee ZCL Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9 ZigBee ZCL parser epan/dissectors/packet-zbee-zcl-general.c in the dissectzclpwrprof pwrprofstatersp function fails to properly validate the general profile number fiel...
CVE-2015-8027
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service uncaughtException and service outage via a pipelined HTTP request...
OpenJDK: incomplete supportDTD enforcement (JAXP, 8130078)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893...
OpenJDK: leak of user.dir location (JAXP, 8078427)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP...
UBUNTU-CVE-2015-4870
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser...
F5 Networks BIG-IP : SOAP parser vulnerability (SOL15879)
The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the soapxmlParseFile and...
Wireshark GSM RLC/MAC Parser Denial of Service Vulnerability
Wireshark is an open source protocol analysis program. A dead loop vulnerability exists in the Wireshark GSM RLC/MAC parser, which allows attackers to exploit the vulnerability by submitting special message parses to crash the application...
Debian DLA-266-1 : libxml2 security update
This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue...
Cisco Nexus OS Device Command Line Interface Local Elevation of Privilege Vulnerability
Nexus is Cisco's line of network switches designed for data centers. A security vulnerability in the CLI parser of the Cisco Nexus Operating System NX-OS allows an authenticated, local attacker to gain elevated privileges by exploiting this vulnerability...
Wireshark WCCP Parser Remote Denial of Service Vulnerability (CNVD-2015-03985)
Wireshark is an open source network protocol analysis tool. A security vulnerability in the Wireshark WCCP parser allows remote attackers to exploit the vulnerability to submit special request data and crash the application...
Cisco ASA VPN XML Parser Denial of Service Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A security vulnerability exists in Cisco ASA Software's XML parser that stems from a failure to effectively strengthen the XML parser configuration. It could be exploited b...