Lucene search
K

73 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:49 a.m.61 views

Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

9.8CVSS10AI score0.43346EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2009-3560

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The big2toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denia...

5CVSS6.9AI score0.24313EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 5 : xmlrpc-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - expat: buffer over-read and crash in big2toUtf8 on XML with malformed UTF-8 sequences CVE-2009-3560 Note that Nessu...

5CVSS7AI score0.24313EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.30 views

Oracle: Security Advisory (ELSA-2009-1625)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.4AI score0.27924EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2012/09/25 12:0 a.m.25 views

GLSA-201209-06 : Expat: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201209-06 Expat: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially...

5CVSS6.6AI score0.27924EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2012/09/11 12:0 a.m.46 views

Slackware Advisory SSA:2011-041-03 httpd

The remote host is missing an update as announced via advisory SSA:2011-041-03. OpenVAS Vulnerability Test $Id: esoftslkssa201104103.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

5CVSS0.27924EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.33 views

Scientific Linux Security Update : expat on SL3.x, SL4.x, SL5.x i386/x86_64

CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences CVE-2009-3560 expat: buffer over-read and crash in big2toUtf8 on XML with malformed UTF-8 sequences Two buffer over-read flaws were found in the way Expat handled malformed UTF-8 sequences when processing XML...

5CVSS6.5AI score0.27924EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.39 views

CentOS Update for expat CESA-2009:1625 centos3 i386

Check for the Version of expat OpenVAS Vulnerability Test CentOS Update for expat CESA-2009:1625 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS7.4AI score0.27924EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.25 views

CentOS Update for expat CESA-2009:1625 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.3AI score0.27924EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2011/03/17 12:0 a.m.53 views

SuSE 11 Security Update : expat (SAT Patch Number 1765)

The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

5CVSS6.3AI score0.24313EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2011/02/11 12:0 a.m.51 views

Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : expat (SSA:2011-041-02)

New expat packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-041-02. The text...

5CVSS6.4AI score0.3038EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.51 views

SuSE 10 Security Update : libxmlrpc (ZYPP Patch Number 6857)

This update of libxmlrpc is not vulnerable anymore to denial of service bugs that can occur while processing malformed XML input. - CVE-2009-3720: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Insufficient Information CWE-noinfo CVE-2009-3560: CVSS v2 Base Score: 5.0 MEDIUM...

5CVSS6.4AI score0.3038EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.35 views

SuSE 11 Security Update : Python (SAT Patch Number 2175)

This update of python has a copy of libxmlrpc that is vulnerable to denial of service bugs that can occur while processing malformed XML input. CVE-2009-2625: CVSS v2 Base Score: 5.0 moderate AV:N/AC:L/Au:N/C:N/I:N/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2009-3720: CVSS v2 Ba...

5CVSS6.4AI score0.3038EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2010/10/20 12:0 a.m.43 views

Apache 2.2.x < 2.2.17 Multiple Vulnerabilities

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.17. It is, therefore, affected by the following vulnerabilities : - Errors exist in the bundled expat library that may allow an attacker to crash the server when a buffer is over- read when parsing an...

5CVSS6.8AI score0.27924EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.19 views

SuSE 10 Security Update : expat (ZYPP Patch Number 6703)

Specially crafted XML files could crash applications that use expat to parse such files. CVE-2009-3560 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49849;...

5CVSS6.3AI score0.24313EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.20 views

SuSE 10 Security Update : expat (ZYPP Patch Number 6765)

The previous expat security update CVE-2009-3560 caused parse errors with some xml documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid49850;...

5CVSS6.3AI score0.24313EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.32 views

SuSE 10 Security Update : Python (ZYPP Patch Number 6946)

This update of python has a copy of libxmlrpc that is vulnerable to denial of service bugs that can occur while processing malformed XML input. CVE-2009-2625: CVSS v2 Base Score: 5.0 moderate AV:N/AC:L/Au:N/C:N/I:N/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2009-3720: CVSS v2 Ba...

5CVSS6.4AI score0.3038EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.32 views

SuSE 10 Security Update : pyxml (ZYPP Patch Number 6715)

Specially crafted XML documents could make pyxml run into an enless loop, therefore locking up applications using pyxml. CVE-2009-3720 / CVE-2009-3560 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5CVSS6.3AI score0.27924EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2010/10/10 12:0 a.m.27 views

FreeBSD Ports: apr

The remote host is missing an update to the system as announced in the referenced advisory. VID dd943fbb-d0fe-11df-95a8-00219b0fc4d8 OpenVAS Vulnerability Test $ Description: Auto generated from VID dd943fbb-d0fe-11df-95a8-00219b0fc4d8 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

5CVSS7.3AI score0.3038EPSS
Exploits5
OpenVAS
OpenVAS
added 2010/10/10 12:0 a.m.254 views

FreeBSD Ports: apr

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS7.3AI score0.27924EPSS
Exploits3References4
Rows per page
Query Builder