608 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-0992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements...
Linux Distros Unpatched Vulnerability : CVE-2026-0990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalo...
MiracleLinux 3 : libxml2-2.6.26-2.1.2.6.1AXS3 (AXSA:2008-277:03)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-277:03 advisory. The XML C library was initially developed for the GNOME project. It is now used by many programs to load and save extensible data structures or manipulate any...
MiracleLinux 8 : libxml2-2.9.7-18.el8_10.2 (AXSA:2025-9668:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9668:02 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the MiracleLinux security...
Tenable Nessus Multiple Vulnerabilities (TNS-2025-24)
Tenable Nessus is prone to multiple vulnerabilities in various third-party components expat, libxml2, libxslt. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
Security Bulletin:Vulnerability in libxml2 affects IBM Netezza Appliance
Summary The libxml2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-32415 Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-bas...
Tenable Nessus 10.8.0 <= 10.8.6 / 10.9.0 < 10.9.6 / 10.10.0 <= 10.10.1 / 10.11.0 < 10.11.1 Multiple Vulnerabilities (TNS-2025-24)
According to its self-reported version, the Tenable Nessus application running on the remote host is 10.8.0 prior or equal to 10.8.6, 10.9.0 prior to 10.9.6, 10.10.0 prior or equal to 10.10.1 and 10.11.0 prior to 10.11.1. It is, therefore, affected by multiple vulnerabilities as referenced in the...
AlmaLinux 9 : libxml2 (ALSA-2025:22376)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22376 advisory. libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...
RHEL 9 : libxml2 (RHSA-2025:22163)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22163 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...
RHEL 9 : libxml2 (RHSA-2025:22177)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22177 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...
RHEL 9 : libxml2 (RHSA-2025:22376)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22376 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite...
Advisory ROSA-SA-2025-3085
Software: libxml2 2.9.1 OS: rosa-server79 unaffected versions = libxml2-2.9.1-6.0.11.res7.6 affected versions libxml2-2.9.1-6.0.11.res7.6 CVE-ID: CVE-2025-6021 BDU-ID: 2025-07144 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...
RockyLinux 9 : libxml2 (RLSA-2025:22376)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22376 advisory. libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...
USN-7852-2: libxml2 vulnerability
USN-7582-1 fixed a vulnerability in libxml2. This update provides the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libxslt, used by libxml2, incorrectly handled certain attributes. An attacker could use this issue...
Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32415) affects Power HMC.
Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer...
Siemens SIMATIC S7-1500 Use After Free (CVE-2016-5131)
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. This plugin only works with Tenable.ot. Please...
Siemens SIMATIC S7-1500 Buffer Over-read (CVE-2024-34459)
An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Allocation of Resources Without Limits or Throttling (CVE-2017-18258)
The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. This plugin only works with Tenable.o...
Siemens SIMATIC S7-1500 Use After Free (CVE-2021-3518)
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. This plugin only works...
Siemens SIMATIC S7-1500 Loop with Unreachable Exit Condition (CVE-2018-14567)
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. This plugin only works with Tenable.ot...