Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2015-7499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context- dependent attackers to obtain sensitive process memory...

5CVSS7AI score0.06464EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2016:0030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.8AI score0.0721EPSS
Exploits2References14
OpenVAS
OpenVAS
added 2021/04/21 12:0 a.m.25 views

CentOS: Security Advisory for libxml2 (CESA-2015:2549)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS9.5AI score0.0721EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2016:0049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.1AI score0.0721EPSS
Exploits3References15
Amazon
Amazon
added 2019/05/29 12:0 a.m.69 views

Medium: libxml2

Issue Overview: A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.CVE-2015-8242 A denial of service flaw w...

9.8CVSS8.6AI score0.0721EPSS
Exploits2
Veracode
Veracode
added 2019/05/02 5:51 a.m.43 views

Denial Of Service (DoS)

The libxml2 library is a development toolbox providing the implementation of various XML standards. Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or...

7.1CVSS9.2AI score0.0721EPSS
Exploits2References33Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/04/01 12:0 a.m.42 views

Apple TV < 9.2 Multiple Vulnerabilities

According to its banner, the remote Apple TV device is a version prior to 9.2. It is, therefore, affected by the following vulnerabilities : - An XML external entity XXE expansion flaw exists in libxml2 due to the XML parser accepting entities from untrusted sources. An unauthenticated, remote...

10CVSS8.5AI score0.33367EPSS
Exploits8References25
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.38 views

Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)

Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...

7.1CVSS6.9AI score0.0721EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.38 views

Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)

Very large set of security issues for libxml2 and a bunch of bug fixes tooCVE-2015-8242 CVE-2015-7500 CVE-2015-7499 CVE-2015-5312 CVE-2015-7498 CVE-2015-7497 CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 Note that Tenable Network Security has extracted the preceding description block...

7.1CVSS6.9AI score0.0721EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.26 views

openSUSE Security Update : libxml2 (openSUSE-2016-32)

security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...

7.1CVSS7.4AI score0.0721EPSS
Exploits3References24
RubySec
RubySec
added 2016/01/19 12:0 a.m.34 views

Nokogiri gem contains a heap-based buffer overflow vulnerability in libxml2

Nokogiri version 1.6.7.2 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVE: CVE-2015-7499 CVSS v2 Base Score: 5.0 MEDIUM Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent...

5CVSS3.7AI score0.06464EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/12 12:0 a.m.43 views

SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0030-1)

This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation of overflow in...

7.1CVSS7.4AI score0.0721EPSS
Exploits2References34
Tenable Nessus
Tenable Nessus
added 2016/01/12 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2016:0049-1)

security update: This update fixes the following security issues : - CVE-2015-1819 Enforce the reader to run in constant memory bnc928193 - CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors bnc951734 - CVE-2015-7942 Fix another variation...

7.1CVSS7.4AI score0.0721EPSS
Exploits3References37
Debian
Debian
added 2015/12/23 1:19 p.m.43 views

[SECURITY] [DSA 3430-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3430-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2015 https://www.debian.org/security/faq -...

7.1CVSS2.7AI score0.0721EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.39 views

Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20151207)

Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use...

7.1CVSS6.9AI score0.0721EPSS
Exploits2References14
CVE
CVE
added 2015/12/15 9:0 p.m.172 views

CVE-2015-7499

CVE-2015-7499 (libxml2) involves a heap-based buffer overflow in the xmlGROW function of parser.c, affecting libxml2 prior to 2.9.3. The consequence described is memory disclosure/leakage under certain crafted XML inputs. The Amazon Linux 2 advisory ALAS2-2019-1220 confirms libxml2 exposure and l...

5CVSS7AI score0.06464EPSS
Exploits0References25Affected Software4
Cvelist
Cvelist
added 2015/12/15 9:0 p.m.23 views

CVE-2015-7499

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...

7.4AI score0.06464EPSS
Exploits0References25
Debian CVE
Debian CVE
added 2015/12/15 9:0 p.m.32 views

CVE-2015-7499

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...

5CVSS8.3AI score0.06464EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/12/15 12:0 a.m.47 views

Ubuntu 14.04 LTS : libxml2 vulnerabilities (USN-2834-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2834-1 advisory. Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a...

7.1CVSS7.1AI score0.0721EPSS
Exploits1References9
RubySec
RubySec
added 2015/12/15 12:0 a.m.38 views

Nokogiri gem contains several vulnerabilities in libxml2

Nokogiri version 1.6.7.1 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVEs: CVE-2015-5312 CVSS v2 Base Score: 7.1 HIGH The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion,...

7.1CVSS3.4AI score0.0721EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder