Tenable Nessus < 10.5.2 Multiple Vulnerabilities (TNS-2023-20)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1924)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1893)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2023-1893)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2023-1924)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
Tenable Nessus < 10.5.2 Multiple Vulnerabilities (TNS-2023-20)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-20 advisory. - Nessus leverages third-party software to help provide underlying functionality...
IBM Cognos Analytics Multiple Vulnerabilities (6986505)
The version of IBM Cognos Analytics installed on the remote host is 11.1.x prior to 11.1.7 Fix Pack 7 or 11.2.x prior to 11.2.4 FP1. It is, therefore, affected by multiple vulnerabilities, including the following: - GNOME libxml2 could allow a remote attacker to execute arbitrary code on the...
[R1] Nessus Version 10.5.2 Fixes Multiple Vulnerabilities
Arnie Cabral, Thu, 05/11/2023 - 15:20. Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components (libxml2, libxslt) were found to contain vulnerabilities, and updated versions have been...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1740)
The remote host is missing an update for the Huawei EulerOS...
Mageia: Security Advisory (MGASA-2023-0157)
The remote host is missing an update for the...
EulerOS Virtualization 3.0.2.0 : colord (EulerOS-SA-2023-1747)
According to the versions of the colord package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and...
EulerOS Virtualization 3.0.2.0 : libxml2 (EulerOS-SA-2023-1740)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
Updated libxml2 packages fix security vulnerability
NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...
MGASA-2023-0157 Updated libxml2 packages fix security vulnerability
NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...
Security Bulletin: AIX is vulnerable to arbitrary code execution due to libxml2 (CVE-2022-40303 and CVE-2022-40304)
Summary UPDATED May 4: Corrected the affected upper fileset levels for AIX 7.2 TL5 to show that SP06 is affected. Corrected the affected upper fileset levels for AIX 7.3 TL1 to show that SP02 is affected. Corrected the affected upper fileset levels for VIOS to show that VIOS 3.1.4.21 is affected...
Amazon Linux AMI : libxml2 (ALAS-2023-1743)
The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1743 advisory. parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the...
Medium: libxml2
Issue Overview: A NULL pointer dereference exists when parsing invalid XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK (CVE-2023-28484). libxml2: Hashing of empty dict strings isn't deterministic. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce...
Medium: libxml2
Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. (CVE-2017-16931) GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2023-163)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-163 advisory. A NULL pointer dereference exists when parsing invalid XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK (CVE-2023-28484). libxml2: Hashing of empty dict strings isn't deterministic. When hashing...
Moderate Photon OS Security Update - PHSA-2023-5.0-0001
Updates of 'redis', 'cloud-init', 'libxml2' packages of Photon OS have been released...