6886 matches found
CVE-2025-9714 Stack overflow in libxml2
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714 Stack overflow in libxml2
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...
USN-7743-1: libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
USN-7743-1 libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2048)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-2048)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2105)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2077)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-2017)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command...
Slackware: Security Advisory (SSA:2025-251-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libxml2 安全漏洞
libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 version 2.9.14 and earlier, which stems from an uncontrolled recursion in XPath evaluation that could lead ...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2017)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-2105)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-2077)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML...
Slackware Linux 15.0 / current libxml2 Vulnerability (SSA:2025-251-01)
The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.14.6. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-251-01 advisory. New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the...
Security Bulletin: Vulnerabilities in libxml2 library (CVE-2025-6021, CVE-2025-49794, CVE-2025-49796) affect Power HMC.
Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-6021 DESCRIPTION: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a...
CLSA-2025-1757415450 libxml2: Fix of 2 CVEs
CVE-2025-7425: fix heap-use-after-free in xmlFreeID caused by 'atype' corruption - CVE-2025-6021: fix integer overflows in buffer size calculations...
Advisory ROSA-SA-2025-2962
Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-20.0.2.2.rv30 affected versions libxml2-2.9.7-20.0.2.2.rv30 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is...