3 matches found
CVE-2023-34104
fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denia...
ROS-20230419-01
Vulnerability of HFS+ partition file analyzer of ClamAV antivirus software package is related to an operation exceeding the memory buffer boundaries. operation beyond the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
OpenJDK: missing entity replacement limits (JAXP, 8149962)
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500...