EUVD-2019-7494

Malware in sbrugna...

CVE-2025-10911

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

OESA-2025-1543 yelp-xsl security update

This package contains XSL stylesheets that are used by the yelp help browser. Security Fixes: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate us...

[SECURITY] Fedora 42 Update: yelp-xsl-42.1-7.fc42

This package contains XSL stylesheets that are used by the yelp help browser...

Vulnerable dependencies in Nokogiri

Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: - vendored libxml2 from v2.9.12 to v2.9.13 - vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: - libxslt: CVE-2021-30560 CVSS 8.8, High severity - libxml2: CVE-2022-23308...

[SECURITY] Fedora 34 Update: yelp-xsl-40~rc-1.fc34

This package contains XSL stylesheets that are used by the yelp help browse r...

UBUNTU-CVE-2019-17020

If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security...

Mozilla Firefox Security Bypass Vulnerability (CNVD-2020-02975)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 72, which stems from the program not applying content security policies to the XSL stylesheets of XML documents. An attacker could us...

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2019:1896-1)

This update for libxml2 fixes the following issues : Issue fixed : Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have incomplete xml catalog file bsc1010675, bsc1126613 and...

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2019:13985-1)

This update for libxml2 fixes the following issues : Security issue fixed : CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval function when parsing an invalid XPath expression in the XPATHOPAND or XPATHOPOR case leading to a denial of service attack bsc1102046 Other Issue...

Apache Camel XSLT Component XML External Entity (CVE-2014-0002)

An XML External Entity XXE vulnerability has been reported in Apache Camel. The vulnerability is due to an error in handling XSL stylesheets in the XSLT component. A remote, unauthenticated attacker can exploit this vulnerability to disclose the contents of files accessible to Apache Camel's Java...

Ubuntu USN-857-1 (qt4-x11)

The remote host is missing an update to qt4-x11 announced via advisory USN-857-1. OpenVAS Vulnerability Test $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-857-1 qt4-x11 Authors: Thomas...

Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1)

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

USN-857-1: Qt vulnerabilities

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

CVE-2002-0618

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution"...