6887 matches found
Tenable Nessus < 10.8.4 Multiple Vulnerabilities (TNS-2025-05)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.8.4. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-05 advisory. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference ...
AIX (IJ54257)
The version of AIX installed on the remote host is prior to APAR IJ54257. It is, therefore, affected by a vulnerability as referenced in the IJ54257 advisory. - xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043 Note that Nessus has not tested for this...
Photon OS 5.0: Libxml2 PHSA-2025-5.0-0512
An update of the libxml2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0512. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
ROS-20250424-34
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250424-07
Vulnerability of xmlPatMatch function in pattern.c file of libxml2 library is related to null pointer dereferencing. pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. denial of service A vulnerability in the libxml2 library is related...
ROS-20250424-33
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
ROS-20250424-13
A vulnerability in the libxml2 library is related to out-of-bounds reads that occur in Python APIs Python bindings due to an invalid return value. Exploitation of the vulnerability could allow An attacker acting remotely to cause a denial of service...
libxml2-2-2.13.8-1.1 on GA media (moderate)
libxml2-2-2.13.8-1.1 on GA media Announcement ID: openSUSE-SU-2025:15019-1 Rating: moderate Cross-References: CVE-2025-32414 CVE-2025-32415 CVSS scores: CVE-2025-32414 SUSE : 5.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L CVE-2025-32414 SUSE : 2.1...
Important Photon OS Security Update - PHSA-2025-5.0-0512
Updates of 'libxml2', 'emacs', 'linux', 'linux-esx', 'python3-pydantic' packages of Photon OS have been released...
SUSE CVE-2025-32414
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
OPENSUSE-SU-2025:15019-1 libxml2-2-2.13.8-1.1 on GA media
These are all security issues fixed in the libxml2-2-2.13.8-1.1 package on the GA media of openSUSE Tumbleweed...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363 CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370 CVE-2025-27113: Fixed...
SUSE-SU-2025:20274-1 Security update for libxml2
This update for libxml2 fixes the following issues: - CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363 - CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370 - CVE-2025-27113:...
Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415
Summary Nokogiri v1.18.8 upgrades its dependency libxml2 to v2.13.8. libxml2 v2.13.8 addresses: - CVE-2025-32414 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 - CVE-2025-32415 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 Impact CVE-2025-32414: No impact ...
GHSA-5W6V-399V-W3CC Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415
Summary Nokogiri v1.18.8 upgrades its dependency libxml2 to v2.13.8. libxml2 v2.13.8 addresses: - CVE-2025-32414 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 - CVE-2025-32415 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 Impact CVE-2025-32414: No impact ...
Slackware: Security Advisory (SSA:2025-108-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
[slackware-security] libxml2
New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.9-i586-3slack15.0.txz: Rebuilt. This update fixes security issues: schemas: Fix heap buffer overflow in...
Slackware Linux 15.0 / current libxml2 Multiple Vulnerabilities (SSA:2025-108-01)
The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.13.8. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-108-01 advisory. New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted t...
CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...