147 matches found
Xxe
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise ASE 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity XX...
CVE-2013-6025
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise ASE 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity XX...
CVE-2013-6025
CVE-2013-6025 concerns XMLExternalEntity (XXE) processing in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2. The XMLParse procedure lets remote authenticated users read arbitrary files via a crafted XML document containing an external entity declaration. Affected product/version: SAP ASE ...
CVE-2012-1148
CVE-2012-1148 is a denial-of-service vulnerability in Expat: a memory leak in poolGrow when expanding entities can be triggered by processing crafted XML, leading to increased memory usage and potential crash of the application using the vulnerable Expat library. The vulnerability is listed acros...
IBM DB2 XML Feature DoS and CREATE VARIABLE Security Bypass Vulnerabilities
The host is running IBM DB2 and is prone to denial of service and security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2xmldosncreatevarsecbypassvuln.nasl 5999 2017-04-21 09:02:32Z teissa $ IBM DB2 XML Feature DoS and CREATE VARIABLE Security Bypass Vulnerabilities Authors:...
CVE-2012-0712
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service infinite loop by calling the XMLPARSE function with a crafted string expression...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1334)
Multiple issues have been fixed in php5 : - phpopensslapplyverificationpolicy fails to verify certificate CVE-2009-3291 - 'missing sainity checks around exif' CVE-2009-3292 - unspecified vulnerability in the imagecolortransparent CVE-2009-3293 - denial of service in exif module CVE-2009-2687...