106 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2012-0904

Malware in sbrugna...

CVSS 7.8 | AI score 7.5 | EPSS 0.0169
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-4173

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.05316
Exploits: 3 | References: 10

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2017-12627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions...

CVSS 9.8 | AI score 8.1 | EPSS 0.05316
Exploits: 3 | References: 2

Tenable Nessus
added 2024/10/18 12:0 a.m. | 56 views

Oracle Essbase Multiple Vulnerabilities (October 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the October 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform curl. The supported version that is affected is 21.6. Easily...

CVSS 9.8 | AI score 7.2 | EPSS 0.25097
Exploits: 7 | References: 9

Tenable Nessus
added 2024/07/19 12:0 a.m. | 33 views

Oracle Essbase Multiple Vulnerabilities (July 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the July 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform Apache Xerces-C++. The supported version that is affected is 21.5.6...

CVSS 8.8 | AI score 6.6 | EPSS 0.02007
Exploits: 0 | References: 4

IBM Security Bulletins
added 2024/06/18 10:3 p.m. | 46 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json may affect IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, libcurl, Apache Xerces C++ XML parser, and Newtonsoft.Json. The flaws can lead to server-side request forgery, bypass of security...

CVSS 9.8 | AI score 10 | EPSS 0.26747
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2024/06/17 3:46 p.m. | 28 views

Security Bulletin: A vulnerability in Apache Xerces C++ XML parser may affect IBM Storage Protect HSM for Windows

Summary IBM Storage Protect HSM for Windows can be affected by a security flaw in Apache Xerces C++ XML parser. The flaw can lead to arbitrary code execution, as described in the "Vulnerability Details" section. CVE-2024-23807. Vulnerability Details CVEID:CVE-2024-23807 DESCRIPTION: Apache Xerces...

CVSS 9.8 | AI score 8.4 | EPSS 0.00499
Exploits: 1 | Affected Software: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 19 views

RHEL 6 : xerces-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xerces-c: Use-after-free in heap on specially crafted XML input CVE-2016-2099 - internal/XMLReader.cpp in...

CVSS 9.8 | AI score 8.8 | EPSS 0.38346
Exploits: 4 | References: 3

Tenable Nessus
added 2024/04/19 12:0 a.m. | 39 views

Oracle Access Manager (Apr 2024 CPU)

The 12.2.1.4.0 versions of Access Manager installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Webserver Plugin Apache Xerces-C++. The support...

CVSS 8.8 | AI score 6.8 | EPSS 0.02007
Exploits: 0 | References: 7

NVD
added 2024/02/29 1:44 a.m. | 23 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

CVSS 9.8 | AI score 8 | EPSS 0.00499
Exploits: 1 | References: 2

OSV
added 2024/02/29 1:44 a.m. | 53 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

CVSS 9.8 | AI score 7.1
Exploits: 0 | References: 2

Prion
added 2024/02/29 1:44 a.m. | 26 views

Design/Logic Flaw

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

AI score 6.8 | EPSS 0.04171
Exploits: 1 | References: 2

UbuntuCve
added 2024/02/29 12:0 a.m. | 29 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

CVSS 9.8 | AI score 6.8 | EPSS 0.00499
Exploits: 1 | References: 1

Vulnrichment
added 2024/02/28 1:50 p.m. | 24 views

CVE-2024-23807 Apache Xerces C++: Use-after-free on external DTD scan

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

AI score 6.8 | EPSS 0.00499
Exploits: 1 | References: 2

Cvelist
added 2024/02/28 1:50 p.m. | 25 views

CVE-2024-23807 Apache Xerces C++: Use-after-free on external DTD scan

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

AI score 8.3 | EPSS 0.00499
Exploits: 1 | References: 2

CNNVD
added 2024/02/16 12:0 a.m. | 1 view

Apache Xerces-C Resource Management Error Vulnerability

Apache Xerces-C is an XML parser from the Apache USA Foundation written in C++. Apache Xerces-C suffers from a resource management error vulnerability that stems from memory reuse after release...

CVSS 9.8 | AI score 7.4 | EPSS 0.00499
Exploits: 1 | References: 9

SUSE CVE
added 2023/02/15 4:41 a.m. | 1 view

SUSE CVE-2017-12627

In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions...

CVSS 7.5 | AI score 7 | EPSS 0.05316
Exploits: 3 | References: 7

Tenable Nessus
added 2021/09/07 12:0 a.m. | 37 views

openSUSE 15 Security Update : xerces-c (openSUSE-SU-2021:2958-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2958-1 advisory. - The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not be...

CVSS 8.1 | AI score 7.5 | EPSS 0.04171
Exploits: 0 | References: 4

Tenable Nessus
added 2021/09/07 12:0 a.m. | 22 views

openSUSE 15 Security Update : xerces-c (openSUSE-SU-2021:1231-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1231-1 advisory. - The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not be...

CVSS 8.1 | AI score 7.5 | EPSS 0.04171
Exploits: 0 | References: 4

Tenable Nessus
added 2021/09/06 12:0 a.m. | 16 views

SUSE SLED15 / SLES15 Security Update : xerces-c (SUSE-SU-2021:2958-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2958-1 advisory. - The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has n...

CVSS 8.1 | AI score 7.5 | EPSS 0.04171
Exploits: 0 | References: 4