8834 matches found
AZL-74775 CVE-2026-0989 affecting package libxml2 2.10.4-11
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...
CVE-2026-0989
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...
CVE-2026-0989
CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...
CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...
CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...
CVE-2026-0989
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...
Linux Distros Unpatched Vulnerability : CVE-2026-0989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion...
MiracleLinux 9 : libxml2-2.9.13-6.el9_5.1 (AXSA:2025-9658:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9658:01 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the MiracleLinux security...
CVE-2025-12550
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes OchaHouse ochahouse allows PHP Local File Inclusion.This issue affects OchaHouse: from n/a through = 2.2.8...
CVE-2025-12549
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Rozy - Flower Shop rozy allows PHP Local File Inclusion.This issue affects Rozy - Flower Shop: from n/a through = 1.2.25...
CVE-2025-14431
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in THEMELOGI Navian navian allows PHP Local File Inclusion.This issue affects Navian: from n/a through = 1.5.4...
CVE-2025-14359
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in brandexponents Oshine allows PHP Local File Inclusion. This issue affects Oshine: from n/a before 7.3.0...
CVE-2025-67937
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Hendon hendon allows PHP Local File Inclusion.This issue affects Hendon: from n/a through 1.7...
CVE-2025-67920
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through 1.2...
CVE-2025-22712
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in QantumThemes Typify typify allows PHP Local File Inclusion.This issue affects Typify: from n/a through = 3.0.2...
CVE-2025-22707
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through = 2.7.3...
CVE-2026-22521
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in G5Theme Handmade Framework handmade-framework allows PHP Local File Inclusion.This issue affects Handmade Framework: from n/a through = 3.9...
CVE-2016-10828
cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path SEC-97...
CVE-2016-10837
cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path SEC-46...
CVE-2022-0346
The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allowurlinclude is turned on...