Lucene search
K

56 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2019-20388)

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

7.5CVSS6.7AI score0.04387EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.30 views

CentOS 9 : libxml2-2.9.12-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libxml2-2.9.12-4.el9 build changelog. - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2019-20388 - GNOME project libxml2...

8.8CVSS7.4AI score0.0828EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/07 10:45 p.m.58 views

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in Libxml2

Summary The following vulnerabilities in Libxml2 have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2020-7595 DESCRIPTION: The Gnome Project Libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in...

7.5CVSS1.7AI score0.07836EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.18 views

Oracle Linux 7 : libxml2 (ELSA-2020-3996)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3996 advisory. - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 Tenable has extracted the preceding description block directly fr...

7.5CVSS7.1AI score0.07836EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.83 views

AlmaLinux 8 : libxml2 (ALSA-2020:4479)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4479 advisory. - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun in...

7.5CVSS7AI score0.07836EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.46 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0148)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun...

7.5CVSS6.9AI score0.07836EPSS
Exploits0References7
Cloud Foundry
Cloud Foundry
added 2021/07/08 12:0 a.m.41 views

USN-4991-1: libxml2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial...

9.1CVSS8.6AI score0.0828EPSS
Exploits2Affected Software3
OpenVAS
OpenVAS
added 2021/06/18 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4991-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.0828EPSS
Exploits2References2
OSV
OSV
added 2021/06/17 2:59 p.m.3 views

USN-4991-1 libxml2 vulnerabilities

Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial of service, or possibly cause libxml2 to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM...

9.1CVSS6.8AI score0.0828EPSS
Exploits2References9
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2020:1299-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.07836EPSS
Exploits0References2
OSV
OSV
added 2021/05/17 8:52 p.m.66 views

GHSA-7RRM-V45F-JP64 Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

Summary Nokogiri v1.11.4 updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 Medium severity - CVE-2020-24977 Medium severity - CVE-2021-3517 Medium severity - CVE-2021-3518 Medium severity - CVE-2021-3537 Low severity - CVE-2021-3541 Low severity Note that two...

6.5CVSS7.2AI score0.01861EPSS
Exploits0References4
Snyk
Snyk
added 2021/05/17 8:52 p.m.4 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8CVSS7.1AI score0.0828EPSS
Exploits1References2
Snyk
Snyk
added 2021/05/17 8:52 p.m.3 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8CVSS8.3AI score0.0828EPSS
Exploits1References2
Snyk
Snyk
added 2021/05/17 8:52 p.m.3 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8CVSS7.1AI score0.0828EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2021/05/17 8:52 p.m.163 views

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

Summary Nokogiri v1.11.4 updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 Medium severity - CVE-2020-24977 Medium severity - CVE-2021-3517 Medium severity - CVE-2021-3518 Medium severity - CVE-2021-3537 Low severity - CVE-2021-3541 Low severity Note that two...

8.8CVSS8.3AI score0.0828EPSS
Exploits2References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.40 views

NewStart CGSL MAIN 6.02 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-7595 -...

7.5CVSS6.9AI score0.07836EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.29 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0016)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-7595 -...

7.5CVSS6.9AI score0.07836EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.43 views

CentOS 8 : libxml2 (CESA-2020:4479)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4479 advisory. - libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 - libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

7.5CVSS7AI score0.07836EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/27 12:4 a.m.62 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-19126 DESCRIPTION: GNU C Library could allow a local attacker to bypass security restrictions, caused by failing to ignore...

9.8CVSS0.5AI score0.17939EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/20 12:25 p.m.40 views

Security Bulletin: IBM MQ Appliance is affected by libxml2 vulnerabilities (CVE-2019-19956, CVE-2019-20388, CVE-2020-7595)

Summary IBM MQ Appliance has resolved libxml2 vulnerabilities. Vulnerability Details CVEID: CVE-2019-19956 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. By persuading a victim to open a specially crafted file,...

7.5CVSS2AI score0.07836EPSS
Exploits0Affected Software1
Rows per page
Query Builder