Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103072)

The version of AHV installed on the remote host is prior to 20230302.103072. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103072 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could...

CVE-2025-6021

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CVE-2025-6021

Affects libxml2: multiple vendors report CVE-2025-6021 (integer overflow in xmlBuildQName causing stack-based buffer overflow). Documents show vulnerable libxml2 variants across distributions (e.g., AWS ALAS advisories for libxml2 with 2.9/2.10 lines; AIX advisory listing affected filesets; Astra...

AIX : Multiple Vulnerabilities (IJ54754)

The version of AIX installed on the remote host is prior to APAR IJ54754. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54754 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

AIX : Multiple Vulnerabilities (IJ54779)

The version of AIX installed on the remote host is prior to APAR IJ54779. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54779 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

AIX : Multiple Vulnerabilities (IJ54873)

The version of AIX installed on the remote host is prior to APAR IJ54873. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54873 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

AIX : Multiple Vulnerabilities (IJ54679)

The version of AIX installed on the remote host is prior to APAR IJ54679. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54679 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e...

CVE-2017-9048

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...

RHEL 2.1 / 3 : libxml2 (RHSA-2004:615)

An updated libxml2 package that fixes multiple buffer overflows is now available. libxml2 is a library for manipulating XML files. Multiple buffer overflow bugs have been found in libxml2 versions prior to 2.6.14. If an attacker can trick a user into passing a specially crafted FTP URL or FTP pro...

libxml2: Remotely exploitable buffer overflow

Background libxml2 is an XML parsing library written in C. Description Multiple buffer overflows have been detected in the nanoftp and nanohttp modules. These modules are responsible for parsing URLs with ftp information, and resolving names via DNS. Impact An attacker could exploit an applicatio...

libxml2 multiple buffer overflows

Buffer overflow on URL parsing, name resolution...

FreeBSD : libxml2 stack buffer overflow in URI parsing (208)

The following package needs to be updated: libxml2 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg847ade05671711d8b321000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

CVE-2004-0110

Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...