Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-15412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap...

8.8CVSS7.9AI score0.02963EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.22 views

Debian: Security Advisory (DLA-1211-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.02963EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.2 views

SUSE CVE-2017-15412

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.4AI score0.02963EPSS
Exploits1References27
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 4:9 p.m.54 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution and denial of service due to CVE-2017-15412 and CVE-2016-5131

Summary libxml2 is not used directly by IBM App Connect Enterprise Certified Container but is present in the base operating system packages. IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution and denial of service. This bulletin provides patch information...

8.8CVSS7.8AI score0.02963EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.80 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.18)

The version of AOS installed on the remote host is prior to 5.18. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.18 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats A...

9.8CVSS8.4AI score0.9927EPSS
Exploits137References179
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2018:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.4AI score0.05928EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/27 9:24 a.m.41 views

Security Bulletin: IBM MQ Appliance is affected by multiple libxml2 vulnerabilities

Summary IBM MQ Appliance has addressed multiple libxml2 vulnerabilities. Vulnerability Details CVEID: CVE-2015-8035 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by the failure to properly detect compression errors by the xzdecomp function. By using specially-crafted XML data,...

8.8CVSS2AI score0.043EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/21 12:0 a.m.36 views

Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20200407)

libxml2: Use after free triggered by XPointer paths beginning with range-to libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c libxml2: DoS caused by incorrect error detection during XZ decompression libxml2: NULL pointer dereference in xmlXPathCompOpEval functio...

8.8CVSS6.9AI score0.043EPSS
Exploits2References7
Cent OS
Cent OS
added 2020/04/08 6:42 p.m.220 views

libxml2 security update

CentOS Errata and Security Advisory CESA-2020:1190 An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.8CVSS6.7AI score0.043EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1211)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.5AI score0.02963EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1007)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.5AI score0.02963EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.36 views

EulerOS Virtualization 2.5.4 : libxml2 (EulerOS-SA-2019-1211)

According to the version of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacke...

8.8CVSS7.9AI score0.02963EPSS
Exploits1References2
Apple
Apple
added 2018/11/17 12:30 p.m.59 views

About the security content of tvOS 11.3 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

9.8CVSS0.4AI score0.38602EPSS
Exploits9Affected Software1
CVE
CVE
added 2018/08/28 7:0 p.m.303 views

CVE-2017-15412

CVE-2017-15412 is a use-after-free in libxml2 (affected before 2.9.5) used by Chrome and other products, potentially enabling heap corruption via crafted HTML. Connected advisories also reference CVE-2018-14404 (NULL pointer dereference in xmlXPathCompOpEval) affecting libxml2 up to 2.9.8 during ...

8.8CVSS7AI score0.02963EPSS
Exploits1References9Affected Software3
Tenable Nessus
Tenable Nessus
added 2018/02/12 12:0 a.m.55 views

openSUSE Security Update : libxml2 (openSUSE-2018-154)

This update for libxml2 fixes three security issues : - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE bsc1077993 - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote attackers to cause...

8.8CVSS8.3AI score0.02963EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.31 views

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2018:0395-1)

This update for libxml2 fixes several issues. Theses security issues were fixed : - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD bsc1069689. - CVE-2017-15412: Prevent use after free when calling XPath...

8.8CVSS7.7AI score0.05928EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2018:0401-1)

This update for libxml2 fixes one issue. This security issue was fixed : - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE bsc1077993 - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote...

8.8CVSS8.3AI score0.02963EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2018/02/08 12:39 p.m.55 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

8.8CVSS7.1AI score0.02963EPSS
Exploits1References4
Veracode
Veracode
added 2018/02/08 2:39 a.m.30 views

Copy-Paste Vulnerability Through LibXML2

Nokogiri and Chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to CVE-2017-15412 - LibXML2 contains a use-after-free bug in the xmlXPathCompOpEvalPositionPredicate method in xpath.c...

8.8CVSS8.5AI score0.02963EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.29 views

Fedora 27 : chromium (2017-c2645aa935)

Security fix for CVE-2017-15412 CVE-2017-15422 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426...

8.8CVSS6.6AI score0.02963EPSS
Exploits1References21
Rows per page
Query Builder