Lucene search
K

59 matches found

OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2024:0320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8AI score0.09503EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/01/22 12:0 a.m.18 views

Debian dla-3704 : libxerces-c-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3704 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3704-1 [email protected]...

8.8CVSS7.2AI score0.09503EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.30 views

Amazon Linux 2 : xerces-c (ALAS-2024-2476)

The version of xerces-c installed on the remote host is prior to 3.1.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2476 advisory. Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE...

9.8CVSS7.4AI score0.09503EPSS
Exploits1References4
OSV
OSV
added 2024/02/29 1:44 a.m.63 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS7.1AI score
Exploits0References2
Prion
Prion
added 2024/02/29 1:44 a.m.31 views

Design/Logic Flaw

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

6.8AI score0.09503EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/02/29 12:0 a.m.46 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS6.8AI score0.01482EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/28 1:50 p.m.36 views

CVE-2024-23807 Apache Xerces C++: Use-after-free on external DTD scan

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

8.3AI score0.01482EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2024/02/16 6:20 p.m.90 views

CVE-2024-23807

Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE page for fix status...

8.1CVSS6.7AI score0.09503EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/02/05 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2024:0320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8AI score0.09503EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/03 12:0 a.m.30 views

SUSE SLED15: libxerces-c-3_2 / libxerces-c-3_2-32bit / libxerces-c-devel / etc (SUSE-SU-2024:0320-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0320-1 advisory. - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading ...

8.1CVSS7.2AI score0.09503EPSS
Exploits0References4
OSV
OSV
added 2024/02/02 12:15 p.m.4 views

SUSE-SU-2024:0320-1 Security update for xerces-c

This update for xerces-c fixes the following issues: - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS. bsc1159552...

8.1CVSS8AI score0.09503EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/02/02 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2024:0300-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8AI score0.09503EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/02 12:0 a.m.16 views

SUSE SLES15 Security Update : xerces-c (SUSE-SU-2024:0300-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0300-1 advisory. - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS. bsc1159552 Tenable has...

8.1CVSS7.2AI score0.09503EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/02 12:0 a.m.26 views

SUSE SLES12 Security Update : xerces-c (SUSE-SU-2024:0299-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0299-1 advisory. - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS. bsc1159552 Tenable has...

8.1CVSS7.2AI score0.09503EPSS
Exploits0References4
OSV
OSV
added 2024/02/01 12:34 p.m.7 views

SUSE-SU-2024:0300-1 Security update for xerces-c

This update for xerces-c fixes the following issues: - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS. bsc1159552...

8.1CVSS8AI score0.09503EPSS
Exploits0References3
OSV
OSV
added 2024/02/01 12:34 p.m.6 views

SUSE-SU-2024:0299-1 Security update for xerces-c

This update for xerces-c fixes the following issues: - CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS. bsc1159552...

8.1CVSS8AI score0.09503EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2024/01/18 6:21 p.m.80 views

USN-6590-1: Xerces-C++ vulnerabilities

It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could...

8.8CVSS6.9AI score0.09503EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.33 views

Ubuntu 16.04 ESM / 18.04 ESM : Xerces-C++ vulnerability (USN-6579-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6579-1 advisory. It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could...

8.1CVSS7.9AI score0.09503EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/01/01 12:0 a.m.26 views

Fedora: Security Advisory for xerces-c (FEDORA-2023-52ba628e03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.09503EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/30 12:0 a.m.28 views

Fedora 39 : xerces-c (2023-817ecc703f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-817ecc703f advisory. Update to 3.2.5, fixing CVE-2018-1311 and CVE-2023-37536 Tenable has extracted the preceding description block directly from the Fedora security...

8.8CVSS7AI score0.09503EPSS
Exploits0References3
Rows per page
Query Builder