15 matches found
Apache Log4j 2.0-alpha1 < 2.25.4 XmlLayout Invalid XML Output (CVE-2026-34480)
The version of Apache Log4j on the remote host is 2.0-alpha1 through 2.25.3. It is, therefore, affected by a vulnerability: - The XmlLayout fails to sanitize characters forbidden by the XML 1.0 specification, producing invalid XML output whenever a log message or MDC value contains such character...
SUSE CVE-2026-40021
Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...
SUSE CVE-2026-40023
Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...
Apache Log4net: Silent log event loss in XmlLayout and XmlLayoutSchemaLog4J due to unescaped XML 1.0 forbidden characters
Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...
CVE-2026-40023
Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...
CVE-2026-40023
Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...
CVE-2026-40023 Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew): Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters
Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...
Apache Log4cxx 安全漏洞
Apache Log4cxx is a C++ logging framework developed by the Apache Foundation, based on the Apache log4j framework. Versions of Apache Log4cxx prior to 1.7.0 contained security vulnerabilities. These vulnerabilities stemmed from XMLLayout not clearing characters prohibited by the XML 1.0...
EUVD-2013-4140
Malware in sbrugna...
August 6, 2024, update for Access 2016 (KB5002589)
August 6, 2024, update for Access 2016 KB5002589 This article describes update 5002589 for Microsoft Access 2016 that was released on August 6, 2024.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to...
CVE-2013-4236
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167...
Design/Logic Flaw
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167...
CVE-2013-4236
CVE-2013-4236 affects VDSM in Red Hat Enterprise Virtualization 3 and 3.2. The issue stems from an incomplete fix for CVE-2013-0167 and can allow a privileged guest user to make the host running the guest unavailable to the management server via invalid XML characters in a guest agent response. P...
CVE-2013-4236
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167...
PT-2013-4913 · Red Hat · Red Hat Enterprise Virtualization
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization versions 3 and 3.2 Description: The issue allows privileged guest users to cause the host to become unavailable to the management server by sending a guest agent response containing invalid XML characters. Th...