Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.10 views

TencentOS Server 4: xerces-c (TSSA-2024:0466)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0466 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS7.4AI score0.09503EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/27 12:0 a.m.19 views

Photon OS 4.0: Xerces PHSA-2025-4.0-0761

An update of the xerces package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0761. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.6AI score0.01482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/27 12:0 a.m.6 views

Photon OS 5.0: Xerces PHSA-2025-5.0-0480

An update of the xerces package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0480. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.6AI score0.01482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/11 12:0 a.m.12 views

Azure Linux 3.0 Security Update: xerces-c (CVE-2024-23807)

The version of xerces-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23807 advisory. - The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered...

9.8CVSS7.5AI score0.01482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/01/30 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: xerces-c (CVE-2024-23807)

The version of xerces-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23807 advisory. - The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered...

9.8CVSS7.5AI score0.01482EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2025/01/29 5:2 p.m.20 views

CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2

CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2. A patched version of the package is available...

9.8CVSS7AI score0.01482EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/01/28 5:37 p.m.18 views

CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2

CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2. A patched version of the package is available...

9.8CVSS7AI score0.01482EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.30 views

Amazon Linux 2 : xerces-c (ALAS-2024-2476)

The version of xerces-c installed on the remote host is prior to 3.1.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2476 advisory. Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE...

9.8CVSS7.4AI score0.09503EPSS
Exploits1References4
Amazon
Amazon
added 2024/03/04 12:0 a.m.6 views

Medium: xerces-c

Issue Overview: Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE page for fix status. CVE-2024-23807 Affected Packages: xerces-c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

9.8CVSS8.4AI score0.09503EPSS
Exploits1
Amazon
Amazon
added 2024/03/04 12:0 a.m.48 views

Medium: xerces-c

Issue Overview: Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE page for fix status. CVE-2024-23807 Affected Packages: xerces-c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

9.8CVSS8.4AI score0.09503EPSS
Exploits1
NVD
NVD
added 2024/02/29 1:44 a.m.44 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS8AI score0.01482EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/02/29 12:0 a.m.48 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS6.8AI score0.01482EPSS
Exploits1References1
OSV
OSV
added 2024/02/28 1:50 p.m.64 views

CVE-2024-23807 Apache Xerces C++: Use-after-free on external DTD scan

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

8.1CVSS7AI score0.01482EPSS
Exploits1References4
CVE
CVE
added 2024/02/28 1:50 p.m.3178 views

CVE-2024-23807

CVE-2024-23807 affects the Apache Xerces-C++ XML parser (versions 3.0.0 up to, but not including, 3.2.5) due to a use-after-free when scanning external DTDs. Patched in 3.2.5; mitigations include disabling DTD processing (DOM: standard feature; SAX: XERCES_DISABLE_DTD). Connected documents corrob...

9.8CVSS8.1AI score0.01482EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/02/28 1:50 p.m.38 views

CVE-2024-23807 Apache Xerces C++: Use-after-free on external DTD scan

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

8.3AI score0.01482EPSS
Exploits1References2
Rows per page
Query Builder