Lucene search
K

64 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Improper Restriction of Recursive Entity References in DTDs (CVE-2021-3541)

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

6.5CVSS6.6AI score0.01861EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: libxml2 (TSSA-2022:0210)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0210 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.2AI score0.0828EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0047: libxml2 (ALINUX3-SA-2021:0047)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0047 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3516: There's a flaw in libxml2's...

8.8CVSS7.2AI score0.0828EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-3541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service...

6.5CVSS6.9AI score0.01861EPSS
Exploits0References2
Broadcom
Broadcom
added 2024/07/30 12:0 a.m.8 views

Multiple Vulnerabilities within libxml2 (CVE-2020-24977, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2023-29469, CVE-2023-28484, CVE-2022-40303, CVE-2022-40304, CVE-2021-3541)

: Brocade Fibre Channels products are affected by multiple Libxml2 vulnerabilities Brocade Fibre Channels products are affected by multiple Libxml2 vulnerabilities CVE-2020-24977 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at...

8.8CVSS5.6AI score0.22791EPSS
Exploits4
Amazon
Amazon
added 2023/05/03 12:0 a.m.64 views

Medium: libxml2

Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...

9.8CVSS7.8AI score0.22791EPSS
Exploits8
OpenVAS
OpenVAS
added 2023/04/27 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2023:2048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.8AI score0.0363EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.36 views

Amazon Linux 2 : libxml2 (ALAS-2021-1662)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1662 advisory. GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at...

8.6CVSS7.5AI score0.0828EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/04/21 12:0 a.m.234 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 (RHSA-2022:1389)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1389 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This...

9.8CVSS7.5AI score0.70561EPSS
Exploits3References18
RedHat Linux
RedHat Linux
added 2022/04/20 7:44 p.m.442 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security...

9.8CVSS7.2AI score0.70561EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1131)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.0828EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.51 views

EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-1082)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...

8.8CVSS7.1AI score0.0828EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2021-0232)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.9AI score0.01861EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2884)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.0828EPSS
Exploits1References2
Redos
Redos
added 2021/12/24 12:0 a.m.14 views

ROS-2-1424

2.1424 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01861EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/03 6:52 p.m.78 views

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2021-3541 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service, caused by an exponential entity expansion attack whic...

9.8CVSS10.2AI score0.62906EPSS
Exploits43Affected Software1
Redos
Redos
added 2021/09/08 12:0 a.m.22 views

ROS-2-1407

2.1407 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

6.5CVSS7.4AI score0.01905EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.17 views

ROS-2-1320

2.1320 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to a...

7.8CVSS7.6AI score0.01861EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.20 views

ROS-2-902

2.902 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

9.8CVSS7.5AI score0.02377EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.39 views

ROS-2-710

2.710 Denial of Service in Libxml2 CVE-2021-3541 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial of service DoS attack. The vulnerability exists due to insufficient validation of user input. A remote attacker can pass specially crafted input data to an...

6.5CVSS8.2AI score0.01861EPSS
Exploits0
Rows per page
Query Builder