TencentOS Server 3: libxml2 (TSSA-2022:0018)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0018 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Linux Distros Unpatched Vulnerability : CVE-2020-24977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit...

Linux Distros Unpatched Vulnerability : CVE-2017-8393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumptio...

GLSA-202312-06 : Exiv2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-06 Exiv2: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...

CVE-2020-18771

Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmnint.cpp which can result in an information leak...

EulerOS Virtualization 3.0.2.6 : libxml2 (EulerOS-SA-2021-1415)

According to the version of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-1415)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2020-2366)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : libxml -- multiple vulnerabilities (f5abafc0-fcf6-11ea-8758-e0d55e2a8bf9)

CVE mitre reports : CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-24977 GNOME project libxml2...

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

...

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Produc...

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e...

Security Bulletin: Multiple vulnerabilities in Open Source Binutils and Open Source OpenSSL affect IBM Netezza Analytics

Summary Open Source Binutils and OpenSSL is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2014-9939 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a stack-based buffer overflow in ihex.c. By using...

CVE-2018-7254

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...

CVE-2018-7254

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...

CVE-2017-8393

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...