Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2017-16931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '...

9.8CVSS7.9AI score0.04278EPSS
Exploits0References2
Amazon
Amazon
added 2023/05/03 12:0 a.m.64 views

Medium: libxml2

Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...

9.8CVSS7.8AI score0.22791EPSS
Exploits8
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.38 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1089)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.7AI score0.23694EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/10/04 12:0 a.m.43 views

Amazon Linux 2 : libxml2 (ALAS-2019-1301)

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

10CVSS7.7AI score0.08628EPSS
Exploits0References3
Amazon
Amazon
added 2019/09/30 12:0 a.m.68 views

Medium: libxml2

Issue Overview: xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service...

10CVSS9AI score0.08628EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:40 a.m.28 views

Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2017-16931, CVE-2017-16932)

Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in libxml2. Vulnerability Details Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerabilities in libxml...

9.8CVSS0.9AI score0.05928EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.62 views

EulerOS Virtualization 2.5.0 : libxml2 (EulerOS-SA-2018-1258)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...

9.8CVSS8.3AI score0.05928EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/09/18 12:0 a.m.41 views

EulerOS Virtualization 2.5.1 : libxml2 (EulerOS-SA-2018-1257)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary co...

9.8CVSS8.3AI score0.05928EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/06/28 12:0 a.m.66 views

EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...

9.8CVSS7.5AI score0.05928EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:20 p.m.31 views

Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM InfoSphere Identity Insight.

Summary Vulnerabilities have been addressed in the Libxml2 component of IBM InfoSphere Identity Insight. Vulnerability Details CVEID: CVE-2017-16932 DESCRIPTION: Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a...

9.8CVSS1.6AI score0.05928EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.36 views

Debian DLA-1194-1 : libxml2 security update

CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in paramet...

9.8CVSS7.2AI score0.05928EPSS
Exploits0References4
Debian
Debian
added 2017/11/30 2:5 p.m.74 views

[SECURITY] [DLA 1194-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy11 CVE ID : CVE-2017-16931 CVE-2017-16932 CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a % character in a DTD name...

9.8CVSS7.8AI score0.05928EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/11/24 3:49 p.m.34 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

9.8CVSS3AI score0.04278EPSS
Exploits0References1
Veracode
Veracode
added 2017/11/23 11:43 p.m.35 views

Copy-paste Vulnerability Through LibXML2

Nokogiri and chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to the following CVEs: 1 CVE-2017-16931 - LibXML2 incorrectly handles parameter-entity references in parser.c. 2 CVE-2017-16932 - LibXML2 can enter an infinite...

9.8CVSS7.8AI score0.05928EPSS
Exploits0
NVD
NVD
added 2017/11/23 9:29 p.m.24 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

9.8CVSS8.5AI score0.04278EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/11/23 9:29 p.m.30 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

9.8CVSS7.1AI score0.04278EPSS
Exploits0References2
CVE
CVE
added 2017/11/23 9:0 p.m.259 views

CVE-2017-16931

CVE-2017-16931 affects libxml2 (parser.c) prior to version 2.9.5, where parameter-entity references are mishandled: the NEXTL macro calls xmlParserHandlePEReference for a '%' in a DTD name, enabling a buffer overflow and potential remote code execution. The connected details confirm the vulnerabl...

9.8CVSS8.9AI score0.04278EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/11/23 9:0 p.m.40 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

9.8CVSS8.6AI score0.04278EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/11/23 9:0 p.m.40 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name...

9.8CVSS9.2AI score0.04278EPSS
Exploits0
Rows per page
Query Builder