3104 matches found

Tenable Nessus
added 2022/06/16 12:0 a.m. | 29 views

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2022-1901)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can...

6.5 CVSS | 7.4 AI score | 0.00074 EPSS
Exploits 5 | References 2

Tenable Nessus
added 2022/05/25 12:0 a.m. | 49 views

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1833-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1833-1 advisory. - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. CVE-2017-16932 - In libxml2 before...

7.5 CVSS | 7.5 AI score | 0.21755 EPSS
Exploits 5 | References 7

RedhatCVE
added 2022/05/20 10:42 p.m. | 32 views

CVE-2020-25693

A flaw was found in the CImg library. Multiple integer overflows lead to heap buffer overflows in loadpnm, which can be triggered by a specially crafted input file processed by CImg. The highest risk from this vulnerability is to integrity and system availability...

8.1 CVSS | 3 AI score | 0.00558 EPSS
Exploits 1 | References 1

Tenable Nessus
added 2022/05/20 12:0 a.m. | 39 views

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:1750-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1750-1 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 - In libxml...

7.5 CVSS | 7.5 AI score | 0.00074 EPSS
Exploits 5 | References 7

OpenVAS
added 2022/05/19 12:0 a.m. | 11 views

Mageia: Security Advisory (MGASA-2022-0177)

The remote host is missing an update for the...

6.5 CVSS | 7.5 AI score | 0.00074 EPSS
Exploits 5 | References 4

Tenable Nessus
added 2022/05/18 12:0 a.m. | 36 views

Ubuntu 16.04 ESM : libXrandr vulnerabilities (USN-5428-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5428-1 advisory. Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service...

9.8 CVSS | 8.8 AI score | 0.03137 EPSS
Exploits 0 | References 3

OpenVAS
added 2022/05/18 12:0 a.m. | 18 views

Debian: Security Advisory (DLA-3012-1)

The remote host is missing an update for the Debian...

6.5 CVSS | 7.5 AI score | 0.00074 EPSS
Exploits 5 | References 4

Tenable Nessus
added 2022/05/17 12:0 a.m. | 29 views

Debian DLA-3012-1 : libxml2 - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3012 advisory. Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly check for integer overflows or used wrong types for buffer sizes. This could result in...

6.5 CVSS | 7.3 AI score | 0.00074 EPSS
Exploits 5 | References 6

Mageia
added 2022/05/12 10:24 a.m. | 125 views

Updated libxml2 packages fix security vulnerability

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5 CVSS | 2.2 AI score | 0.00074 EPSS
Exploits 5 | References 2

Hacker One
added 2022/05/10 4:10 p.m. | 60 views

curl: Integer overflows in unescape_word()

Summary: A similar issue to CVE-2019-5435 Steps To Reproduce: analysis DICT protocol can use one url like "dict://localhost:3306", and function unescape_word is used to deal with the character in url like this comment c / According to RFC2229 section 2.2, these letters need to be escaped with...

4.3 CVSS | 1.2 AI score | 0.00165 EPSS
Exploits 1

Tenable Nessus
added 2022/05/09 12:0 a.m. | 31 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : gcc Multiple Vulnerabilities (NS-SA-2022-0019)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcc packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash...

9.8 CVSS | 8 AI score | 0.03974 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2022/05/09 12:0 a.m. | 55 views

NewStart CGSL MAIN 6.02 : p11-kit Multiple Vulnerabilities (NS-SA-2022-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has p11-kit packages installed that are affected by multiple vulnerabilities: - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and...

7.5 CVSS | 7.1 AI score | 0.00355 EPSS
Exploits 0 | References 7

NVD
added 2022/05/03 3:15 a.m. | 17 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5 CVSS | 0.00074 EPSS
Exploits 5 | References 14

UbuntuCve
added 2022/05/03 3:15 a.m. | 42 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5 CVSS | 6.9 AI score | 0.00074 EPSS
Exploits 5 | References 8

Debian CVE
added 2022/05/03 12:0 a.m. | 57 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5 CVSS | 6.9 AI score | 0.00074 EPSS
Exploits 5

AlpineLinux
added 2022/05/03 12:0 a.m. | 91 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5 CVSS | 7.2 AI score | 0.00074 EPSS
Exploits 5

Cvelist
added 2022/05/03 12:0 a.m. | 20 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

7.1 AI score | 0.00074 EPSS
Exploits 5 | References 14

OpenVAS
added 2022/04/21 12:0 a.m. | 10 views

Slackware: Security Advisory (SSA:2017-270-01)

The remote host is missing an update for the...

7.5 CVSS | 6.5 AI score | 0.12268 EPSS
Exploits 0 | References 2

OpenVAS
added 2022/04/21 12:0 a.m. | 10 views

Slackware: Security Advisory (SSA:2017-291-01)

The remote host is missing an update for the...

6.8 CVSS | 6.6 AI score | 0.00826 EPSS
Exploits 0 | References 2

OpenVAS
added 2022/04/21 12:0 a.m. | 20 views

Slackware: Security Advisory (SSA:2013-260-01)

The remote host is missing an update for the...

2.1 CVSS | 6.7 AI score | 0.00065 EPSS
Exploits 1 | References 2