Lucene search
+L

190 matches found

NVD
NVD
added 2017/02/27 7:59 a.m.16 views

CVE-2017-6344

XML External Entity XXE vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document...

5.9CVSS5.7AI score0.01233EPSS
Exploits1References2
Prion
Prion
added 2017/02/27 7:59 a.m.15 views

Xxe

XML External Entity XXE vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document...

4.3CVSS5.7AI score0.01233EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/12/21 12:0 a.m.86 views

F5 Networks BIG-IP : libxml2 vulnerability (K71926235)

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document.CVE-2016-1838 C...

5.5CVSS6.8AI score0.06943EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.10 views

libxml2: Heap-based buffer-overread in xmlNextChar

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

8.1CVSS7.4AI score0.06466EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.6 views

libxml2: Heap use-after-free in xmlDictComputeFastKey

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document...

5.5CVSS7.3AI score0.03926EPSS
Exploits0References4
NVD
NVD
added 2016/09/07 7:28 p.m.16 views

CVE-2016-6898

XML external entity XXE vulnerability in the Hyper Management Module HMM in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service web service outage via a crafted XML document...

6.6CVSS6.3AI score0.00826EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2016/07/18 2:20 p.m.36 views

CVE-2016-1839

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS5.4AI score0.07347EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2016/07/18 2:19 p.m.29 views

CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document...

5.5CVSS5.6AI score0.03926EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/06/23 10:32 a.m.8 views

libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS7.4AI score0.06943EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2016/06/23 10:32 a.m.6 views

libxml2: Heap-based buffer overread in htmlCurrentChar

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS7.4AI score0.02559EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2016/06/09 12:0 a.m.7 views

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code

The vulnerability of the libxml2 library in iOS and Mac OS X operating systems arises due to buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure memory corruption using a specially crafted XML document...

7.5CVSS8.1AI score0.05133EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/06/01 12:0 a.m.7 views

The vulnerability of the libxml2 library and the PHP interpreter allows attackers to trigger a service failure.

The vulnerability of the xslextfunctionphp function ext/xsl/xsltprocessor.c in the libxml2 library and the PHP interpreter is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure dereferencing the null pointer...

5CVSS7.4AI score0.06574EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2016/05/22 1:0 a.m.27 views

CVE-2015-8866

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxmldisableentityloader changes in other threads, which allows remote attackers to conduct XML External Entity XXE and XML Entity Expansion XEE attacks via a crafted XML...

8.6AI score0.04026EPSS
Exploits1References12
NVD
NVD
added 2016/05/20 10:59 a.m.24 views

CVE-2016-1839

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS6.3AI score0.07347EPSS
Exploits2References24
NVD
NVD
added 2016/05/20 10:59 a.m.16 views

CVE-2016-1837

Multiple use-after-free vulnerabilities in the 1 htmlPArsePubidLiteral and 2 htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a...

5.5CVSS6.7AI score0.04092EPSS
Exploits1References22
NVD
NVD
added 2016/05/20 10:59 a.m.14 views

CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document...

5.5CVSS6.5AI score0.03926EPSS
Exploits0References34
NVD
NVD
added 2016/05/20 10:59 a.m.19 views

CVE-2016-1834

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted XML...

9.3CVSS8.7AI score0.04622EPSS
Exploits1References21
OSV
OSV
added 2016/05/20 10:59 a.m.3 views

DEBIAN-CVE-2016-1834

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted XML...

7.8CVSS9.4AI score0.04622EPSS
Exploits1References1
NVD
NVD
added 2016/05/20 10:59 a.m.19 views

CVE-2016-1833

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS6.2AI score0.02559EPSS
Exploits1References23
Prion
Prion
added 2016/05/20 10:59 a.m.25 views

Heap overflow

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

4.3CVSS6.5AI score0.07347EPSS
Exploits2References24Affected Software14
Rows per page
Query Builder