31 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread...
eyeconsultants.net Cross Site Scripting vulnerability OBB-3355500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
K24322529: libxml2 vulnerabilities CVE-2016-4447 and CVE-2016-4449
Security Advisory Description CVE-2016-4447 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread and application crash via a crafted file, involving xmlParseName. CVE-2016-4449 XML external...
Slackware: Security Advisory (SSA:2016-148-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1538-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in libxml2 affect IBM RackSwitch Networking products
Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM RackSwitch Networking products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description: libxml2 is...
Security Bulletin: Vulnerabilities in libxml2 affect IBM Flex System Networking Switch products
Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Flex System Networking Switch products have addressed the following vulnerabilities in libxml2. Vulnerability Details: CVE-ID: CVE-2016-3627 Description:...
Security Bulletin: Rational Systems Tester is affected by Libxml2 vulnerabilities (CVE-2016-4447, CVE-2016-4448, CVE-2016-4449)
Summary A set of Libxml2 vulnerabilities were disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-4447 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a...
Security Bulletin: IBM Security Access Manager for Mobile is affected by security vulnerabilities in libxml2
Summary Vulnerabilities have been identified in the libxml2 library, which is a development toolbox providing the implementation of various XML standards. IBM Security Access Manager for Mobile uses libxml2 and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-4448...
Security Bulletin: IBM Cognos AnalyticsのLibxml2脆弱性について
Summary IBM Cognos Analytics 11.0.5.0で修正されている複数の脆弱性についてお知らせ致します。 IBM® WebSphere Application Server Libertyには複数のLibxml2 脆弱性が存在します。LibertyはCognos Analytics で使用されています。これらの問題はIBM WebSphere Application Server Libertyの更新の一部として公開されました。 2つのクロスサイトスクリプティングに関する脆弱性も修正されています。 脆弱性の詳細につきましては、下記サイトをご覧ください。...
About the security content of iTunes 12.4.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
Fedora Update for libxml2 FEDORA-2017-be8574d593
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Tenable Log Correlation Engine (LCE) < 4.8.1 Multiple Vulnerabilities
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 4.8.1. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist in the Handlebars library in the lib/handlebars/utils.js script due to a failur...
F5 Networks BIG-IP : libxml2 vulnerabilities (K24322529)
CVE-2016-4447 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread and application crash via a crafted file, involving xmlParseName. CVE-2016-4449 XML external entity XXE vulnerability in t...
Amazon Linux: Security Advisory (ALAS-2016-719)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libxml2 packages fix security vulnerability
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes running on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker can...
Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.4.2. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist in the libxslt component due to improper validation of user-supplied input. An unauthenticated, remote attacker c...
Amazon Linux AMI : libxml2 (ALAS-2016-719)
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the...
RedHat Update for libxml2 RHSA-2016:1292-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...