Lucene search
K

213 matches found

Cvelist
Cvelist
added 2014/11/04 4:0 p.m.29 views

CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5.5AI score0.03988EPSS
Exploits1References23
UbuntuCve
UbuntuCve
added 2014/10/16 12:0 a.m.31 views

CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.7AI score0.03988EPSS
Exploits1References3
NVD
NVD
added 2014/09/22 3:55 p.m.16 views

CVE-2014-3638

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS5.2AI score0.00388EPSS
Exploits0References11
Prion
Prion
added 2014/09/22 3:55 p.m.37 views

Design/Logic Flaw

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS6.4AI score0.00388EPSS
Exploits0References11Affected Software3
Debian CVE
Debian CVE
added 2014/09/22 3:0 p.m.24 views

CVE-2014-3638

The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls...

2.1CVSS4AI score0.00388EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2014/05/07 12:0 a.m.8 views

PT-2014-1834

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.2 libxml2-devel version 2.7.6 libxml2-static version 2.7.6 libxml2-debuginfo version 2.7.6 Description The issue is related to the xmlParserHandlePEReference function in parser.c in libxml2, which loads external...

10CVSS7.2AI score0.51733EPSS
Exploits37References143
UbuntuCve
UbuntuCve
added 2013/07/10 12:0 a.m.26 views

CVE-2013-2877

parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state...

5CVSS6.9AI score0.04733EPSS
Exploits0References6
Prion
Prion
added 2012/11/28 1:55 a.m.28 views

Heap overflow

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

6.8CVSS8.3AI score0.04382EPSS
Exploits1References22Affected Software3
NVD
NVD
added 2008/09/12 4:56 p.m.24 views

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

10CVSS7.2AI score0.23373EPSS
Exploits9References53
CVE
CVE
added 2008/09/12 4:0 p.m.159 views

CVE-2008-3529

No additional technical details about CVE-2008-3529 are present in the provided documents. Public details appear in the Initial Description, but no connected documents confirm affected products/versions/root cause/fixes. Monitor for updates.

10CVSS7.3AI score0.23373EPSS
Exploits9References53Affected Software1
Cvelist
Cvelist
added 2005/11/22 2:0 a.m.13 views

CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

7.7AI score0.03268EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2005/11/22 2:0 a.m.16 views

CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

7.5CVSS7.5AI score0.03268EPSS
Exploits0
OSV
OSV
added 2004/12/31 5:0 a.m.2 views

DEBIAN-CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

7.5CVSS7.9AI score0.03268EPSS
Exploits0References1
Rows per page
Query Builder