30 matches found
Siemens SIMATIC S7-1500 Use After Free (CVE-2016-5131)
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. This plugin only works with Tenable.ot. Please...
Linux Distros Unpatched Vulnerability : CVE-2016-5131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or...
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution and denial of service due to CVE-2017-15412 and CVE-2016-5131
Summary libxml2 is not used directly by IBM App Connect Enterprise Certified Container but is present in the base operating system packages. IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution and denial of service. This bulletin provides patch information...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.18)
The version of AOS installed on the remote host is prior to 5.18. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.18 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats A...
SUSE: Security Advisory (SUSE-SU-2018:0395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20200407)
libxml2: Use after free triggered by XPointer paths beginning with range-to libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c libxml2: DoS caused by incorrect error detection during XZ decompression libxml2: NULL pointer dereference in xmlXPathCompOpEval functio...
libxml2 security update
CentOS Errata and Security Advisory CESA-2020:1190 An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1089)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...
SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2018:0401-1)
This update for libxml2 fixes one issue. This security issue was fixed : - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE bsc1077993 - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote...
SUSE SLES11 Security Update : libxml2 (SUSE-SU-2018:0395-1)
This update for libxml2 fixes several issues. Theses security issues were fixed : - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD bsc1069689. - CVE-2017-15412: Prevent use after free when calling XPath...
Fedora Update for libxml2 FEDORA-2018-db610fff5b
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...
Fedora Update for libxml2 FEDORA-2017-be8574d593
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Copy-Paste Vulnerability (CPV) Through Libxml2
nokogiri has a copied version of the libxml2 library. The copy that nokogiri includes is vulnerable to the following issues: 1. CVE-2016-4658 - Use after free vulnerability via the namespace nodes in XPointer 2. CVE-2016-5131 - Use-after-free vulnerability via the XPointer range-to function...
Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3235-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3235-1 advisory. It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafte...
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
Nokogiri version 1.7.1 has been released, pulling in several upstream patches to the vendored libxml2 to address the following CVEs: CVE-2016-4658 CVSS v3 Base Score: 9.8 Critical libxml2 in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to...
Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1
1:2.9.4.0.12.e905-alt1 built March 7, 2017 Dmitry V. Levin in task 179256 --- March 3, 2017 Dmitry V. Levin - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627,...
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1
March 3, 2017 Dmitry V. Levin 1:2.9.4.0.12.e905-alt1 - v2.9.3-5-g65112cb - v2.9.4-12-ge905f08 fixes: CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4449, CVE-2016-4483, CVE-2016-4658,...