Unity Linux 20.1060e / 20.1070e Security Update: xerces-c (UTSA-2026-016688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016688 advisory. The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the...

EUVD-2012-0904

Malware in sbrugna...

EUVD-2017-4173

Malware in sbrugna...

EUVD-2016-3202

Malware in sbrugna...

EUVD-2022-0613

Malicious code in bioql PyPI...

EUVD-2022-2787

Malicious code in bioql PyPI...

EUVD-2022-35072

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-12621

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - During Jelly xml file parsing with Apache Xerces, if a custom doctype entity is declared with a SYSTEM entity with a URL and that entity is used in the body of...

CVE-2022-2838

In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser, and Data Protection for VMware. The flaws can lead to server-side request forgery,...

Linux Distros Unpatched Vulnerability : CVE-2022-23437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML...

Linux Distros Unpatched Vulnerability : CVE-2016-2099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impa...

Linux Distros Unpatched Vulnerability : CVE-2017-12627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions...

K000149270: Apache Xerces vulnerability CVE-2023-37536

Security Advisory Description An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. CVE-2023-37536 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

Security Bulletin: Apache Xerces vulnerability Affects IBM Jazz Reporting Service

Summary Apache Xerces-J XML parser XML4J shipped with IBM Jazz Reporting Service is vulnerable to a denial of service attack that can be triggered by malformed XML data. Vulnerability Details CVEID:CVE-2020-14338 DESCRIPTION: Wildfly could allow a remote attacker to bypass security restrictions,...

Oracle Essbase Multiple Vulnerabilities (October 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the October 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform curl. The supported version that is affected is 21.6. Easily...

Oracle Essbase Multiple Vulnerabilities (July 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the July 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform Apache Xerces-C++. The supported version that is affected is 21.5.6...

Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and Apache Xerces C++ XML parser may affect IBM Storage Protect for Space Management

Summary IBM Storage Protect for Space Management can be affected by security flaws in IBM WebSphere Application Server Liberty and Apache Xerces C++ XML parser. The flaws can lead to server-side request forgery,, denial of service, and arbitrary code execution, as described in the "Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json. The flaws can lead to server-side request forgery, bypass of security...