1651 matches found
MiracleLinux 9 : thunderbird-91.13.0-1.el9.ML.1 (AXSA:2022-4103:21)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4103:21 advisory. Mozilla: Address bar spoofing via XSLT error handling CVE-2022-38472 Mozilla: Cross-origin XSLT Documents would have inherited the parent's...
MiracleLinux 8 : thunderbird-91.13.0-1.el8.ML.1 (AXSA:2022-3794:12)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3794:12 advisory. Mozilla: Address bar spoofing via XSLT error handling CVE-2022-38472 Mozilla: Cross-origin XSLT Documents would have inherited the parent's...
MiracleLinux 7 : firefox-91.3.0-1.0.1.el7.AXS7 (AXSA:2021-2530:32)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2530:32 advisory. Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules d...
MiracleLinux 9 : firefox-91.13.0-1.el9.ML.1 (AXSA:2022-4048:34)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4048:34 advisory. Mozilla: Address bar spoofing via XSLT error handling CVE-2022-38472 Mozilla: Cross-origin XSLT Documents would have inherited the parent's...
MiracleLinux 7 : libxslt-1.1.28-6.0.3.el7.AXS7 (AXSA:2025-9905:06)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9905:06 advisory. CVE-2024-55549: fix use-after-free issue related to exclusion of result prefixes CVEs: CVE-2024-55549 xsltGetInheritedNsList in libxslt before 1.1.43 has a...
MiracleLinux 7 : firefox-128.8.0-1.0.1.el7.AXS7 (AXSA:2025-9734:08)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9734:08 advisory. firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...
MiracleLinux 7 : libxml2-2.9.1-6.6.0.5.el7.AXS7 (AXSA:2025-10894:16)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10894:16 advisory. CVE-2025-7425: fix heap-use-after-free in xmlFreeID caused by 'atype' corruption CVE-2025-6021: fix integer overflows in buffer size calculations...
CVE-2020-7914
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3...
[SECURITY] [DLA 4428-1] mediawiki security update
Debian LTS Advisory DLA-4428-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 30, 2025 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.35.13-1+deb11u6 CVE ID : CVE-2025-67475 CVE-2025-67478 CVE-2025-67479 CVE-2025-67480 CVE-2025-67481...
CLSA-2025-1765288229 libxslt: Fix of CVE-2025-7424
CVE-2025-7424: fix type confusion in xsltDocumentFunctionLoadDocument...
TencentOS Server 4: firefox (TSSA-2025:0582)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0582 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Mozilla Firefox ESR < 45.7
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 45.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-02 advisory. - A use-after-free vulnerability in the Media Decoder when working with media files when some events are...
Important: xmlunit
Issue Overview: XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled. CVE-2024-31573 Affected Packages: xmlunit Issue Correction: Run dnf update xmlunit...
[SECURITY] Fedora 42 Update: qt5-qtxmlpatterns-5.15.18-1.fc42
The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...
Astra Linux – Vulnerability in Firefox, Thunderbird
The XSLT document loading failed to properly propagate the source document, which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
Linux Distros Unpatched Vulnerability : CVE-2025-11731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the...
CVE-2024-31573
XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...
OESA-2025-2445 libxslt security update
Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.CVE-2025-10911...
OESA-2025-2443 libxslt security update
Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.CVE-2025-10911...
CVE-2024-31573
XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...