Lucene search
K

6939 matches found

OSV
OSV
added 2022/05/03 3:15 a.m.1 views

DEBIAN-CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5CVSS7.4AI score0.0363EPSS
Exploits5References1
OSV
OSV
added 2022/05/03 3:15 a.m.33 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5CVSS2.7AI score
Exploits0References14
OSV
OSV
added 2022/05/03 3:15 a.m.7 views

AZL-9616 CVE-2022-29824 affecting package libxml2 for versions less than 2.9.14-1

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5CVSS6.9AI score0.0363EPSS
Exploits5References1
ATTACKERKB
ATTACKERKB
added 2022/05/03 3:15 a.m.1 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5CVSS6.9AI score0.0363EPSS
Exploits5References18
Prion
Prion
added 2022/05/03 3:15 a.m.23 views

Integer overflow

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

4.3CVSS7.5AI score0.0363EPSS
Exploits5References14Affected Software5
CVE
CVE
added 2022/05/03 12:0 a.m.410 views

CVE-2022-29824

Summary: CVE-2022-29824 affects libxml2 up to version 2.9.14. Several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) fail to check integer overflows, causing out-of-bounds memory writes when processing crafted XML files. This vulnerability also affects software that uses lib...

6.5CVSS6.8AI score0.0363EPSS
Exploits5References14Affected Software2
Cvelist
Cvelist
added 2022/05/03 12:0 a.m.21 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

7.1AI score0.0363EPSS
Exploits5References14
Debian CVE
Debian CVE
added 2022/05/03 12:0 a.m.57 views

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...

6.5CVSS6.9AI score0.0363EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/05/03 12:0 a.m.19 views

Slackware: Security Advisory (SSA:2022-122-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.0363EPSS
Exploits5References2
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.2 views

libxslt和libxml2 输入验证错误漏洞

libxslt is an XSLT XML Language for Defining XML Transformations C library. libxml2 is an open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. An input validation error vulnerability exists in libxml2 versions prior to 2.9.14...

6.5CVSS7.4AI score0.0363EPSS
Exploits5References56
Slackware Linux
Slackware Linux
added 2022/05/02 8:17 p.m.38 views

[slackware-security] libxml2

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.9.14-i586-1slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix intege...

6.5CVSS0.7AI score0.0363EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2022/05/02 12:0 a.m.48 views

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Vulnerability (SSA:2022-122-01)

The version of libxml2 installed on the remote host is prior to 2.9.14. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-122-01 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows...

6.5CVSS7.4AI score0.0363EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2022/04/29 12:0 a.m.369 views

Oracle Enterprise Manager Cloud Control (Apr 2022 CPU)

The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Management Service component Apache Log4j of the Enterprise Manager Base Platfor...

9.8CVSS7.4AI score0.97906EPSS
Exploits10References6
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1541)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.0601EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:1308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.0601EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.0601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.34 views

EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-1574)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network Security has extract...

7.5CVSS7.3AI score0.0601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.34 views

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2022-1541)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network Security has extract...

7.5CVSS7.3AI score0.0601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/23 12:0 a.m.62 views

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1308-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1308-1 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Nessus has not tested for this...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References4
OSV
OSV
added 2022/04/22 2:7 p.m.4 views

SUSE-SU-2022:1308-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-23308: Fixed use-after-free of ID and IDREF attributes. bsc1196490...

7.5CVSS6.6AI score0.0601EPSS
Exploits0References3
Rows per page
Query Builder