Siemens SIMATIC S7-1500 Improper Restriction of XML External Entity Reference (CVE-2016-9318)

libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity XXE attacks via a crafte...

Linux Distros Unpatched Vulnerability : CVE-2016-9318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libxml2 vulnerabilities (USN-3739-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3739-1 advisory. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose...

BELL-CVE-2016-9318 CVE-2016-9318 does not affect BellSoft software

Bulletin has no description...

Security Bulletin: Vulnerabilities in libxml2 affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems

Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following...

SUSE CVE-2016-9318

libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity XXE attacks via a crafte...

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1896-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2017-1069)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1353)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in libxml2 (CVE-2018-14404 CVE-2016-9318)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libxml2. Vulnerability Details CVEID: CVE-2018-14404 DESCRIPTION: A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing ...

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2019:1896-1)

This update for libxml2 fixes the following issues : Issue fixed : Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have incomplete xml catalog file bsc1010675, bsc1126613 and...

Photon OS 1.0: Libxml2 PHSA-2017-0001

An update of the libxml2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0001. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121663;...

Security Bulletin: Vulnerability in libxml2 affects IBM Chassis Management Module (CVE-2016-9318)

Summary IBM Chassis Management Module has addressed the following vulnerability in libxml2. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerability in libxml2. Vulnerability Details: CVEID: CVE-2016-9318 Description: Libxml2 could allow a remote...

Copy-Paste Vulnerability (CPV) Through Libxml2

nokogiri is vulnerable to denial of service DoS attacks. The library uses a vulnerable version of libxml2, causing it to be vulnerable to the following CVEs: 1. CVE-2016-9318: XML External Entity XXE through a crafted document. 2. CVE-2017-16932: Infinite Recursion during parsing. 3...

USN-3739-1: libxml2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

Photon OS 1.0: Libxml2 / Linux / Openssh PHSA-2017-0001 (deprecated)

An update of openssh,linux,libxml2 packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0001. The text itself is copyright C VMware,...

Security Bulletin: A vulnerability in libxml2 affects IBM Flex System Manager (FSM) (CVE-2016-9318)

Summary A vulnerability has been discovered in libxml2 that is embedded in FSM. This bulletin addresses that issue. Vulnerability Details CVEID: CVE-2016-9318 DESCRIPTION: Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating...

Security Bulletin: Rational Systems Tester is affected by Libxml2 vulnerabilities CVE-2016-9318, CVE-2017-5969, CVE-2017-7375 and CVE-2017-8872

Summary A new Libxml2 vulnerability was disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-9318 DESCRIPTION: Llibxml2 could allow a remote attacker to obtain sensitive...

Security Bulletin: Multiple vulnerabilities in XMLsoft Libxml2 affect IBM Streams

Summary There are multiple vulnerabilities in Libxml2 library used by IBM Streams. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVE-ID: CVE-2016-2073 Description: libxml2 is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the...