Lucene search
K

255 matches found

OSV
OSV
added 2025/05/16 1:24 p.m.3 views

OESA-2025-1525 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A flaw was found in GLib. An integer...

3.7CVSS7.4AI score0.00416EPSS
Exploits0References2
Amazon
Amazon
added 2025/05/13 12:0 a.m.7 views

Medium: libxml2

Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

7.5CVSS6.9AI score0.00559EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.15 views

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-963)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-963 advisory. In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead...

7.5CVSS6.6AI score0.00559EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.7 views

Azure Linux 3.0 Security Update: libsoup (CVE-2025-32050)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32050 advisory. - A flaw was found in libsoup. The libsoup appendparamquoted function May contain an overflow bug resulting i...

5.9CVSS7.1AI score0.00714EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.4 views

CBL Mariner 2.0 Security Update: libsoup (CVE-2025-32050)

The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32050 advisory. - A flaw was found in libsoup. The libsoup appendparamquoted function May contain an overflow bug resulting i...

5.9CVSS7.1AI score0.00714EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/06 4:3 p.m.7 views

libsoup: Integer overflow in append_param_quoted

A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read...

5.9CVSS7.5AI score0.00714EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/03 12:0 a.m.13 views

SUSE SLED15: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-devel-32bit / etc (SUSE-SU-2025:1438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1438-1 advisory. - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 -...

7.5CVSS6.9AI score0.00559EPSS
Exploits2References7
OSV
OSV
added 2025/05/02 1:44 p.m.9 views

SUSE-SU-2025:1440-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...

7.5CVSS7.2AI score0.00559EPSS
Exploits2References5
OSV
OSV
added 2025/05/02 1:44 p.m.9 views

SUSE-SU-2025:1439-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...

7.5CVSS7.2AI score0.00559EPSS
Exploits2References5
SUSE Linux
SUSE Linux
added 2025/05/02 1:44 p.m.2 views

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...

5.6CVSS7.3AI score0.00559EPSS
Exploits2References8
OSV
OSV
added 2025/05/02 1:44 p.m.7 views

SUSE-SU-2025:1438-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...

7.5CVSS7.2AI score0.00559EPSS
Exploits2References5
Veracode
Veracode
added 2025/04/28 5:1 a.m.14 views

Heap-based Buffer Under-read

libxml2.so is vulnerable to a Heap-based buffer under-read. The vulnerability is due to improper handling of identity constraints in the XML schema processing, specifically in the xmlSchemaIDCFillNodeTables function in xmlschemas.c, allows a heap-based buffer under-read when certain identity...

7.5CVSS7.5AI score0.00559EPSS
Exploits1References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/04/28 12:0 a.m.33 views

libxml2 < 2.13.8 / 2.14.x < 2.14.2 Multiple Vulnerabilities (macOS)

The version of libxml2 installed on the remote host is affected by multiple vulnerabilities. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and...

7.5CVSS6.7AI score0.00559EPSS
Exploits2References4
Debian
Debian
added 2025/04/27 4:48 p.m.59 views

[SECURITY] [DLA 4140-1] libsoup2.4 security update

Debian LTS Advisory DLA-4140-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson April 27, 2025 https://wiki.debian.org/LTS Package : libsoup2.4 Version : 2.72.0-2+deb11u2 CVE ID : CVE-2025-2784 CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906...

9CVSS6.9AI score0.00847EPSS
Exploits1
Snyk
Snyk
added 2025/04/21 9:55 p.m.3 views

Buffer Under-read

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Buffer Under-read in the xmlSchemaIDCFillNodeTables function. An attacker can cause partial denial of service by by validating a malicious XML document against an XML schema usin...

7.5CVSS6.8AI score0.00559EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/17 12:0 a.m.15 views

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

2.9CVSS0.00559EPSS
Exploits1References1
OSV
OSV
added 2025/04/17 12:0 a.m.13 views

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

2.9CVSS4AI score0.00559EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/17 12:0 a.m.11 views

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

2.9CVSS7.1AI score0.00559EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/04/08 1:48 a.m.4 views

SUSE CVE-2025-3360

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...

5.9CVSS7.1AI score0.00416EPSS
Exploits0References8
NVD
NVD
added 2025/04/07 1:15 p.m.10 views

CVE-2025-3360

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...

3.7CVSS0.00416EPSS
Exploits0References5
Rows per page
Query Builder