Lucene search
K

6932 matches found

AlpineLinux
AlpineLinux
added 2022/02/24 12:0 a.m.33 views

CVE-2021-3596

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...

6.5CVSS6.2AI score0.01894EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/02/24 12:0 a.m.42 views

CVE-2021-3596

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...

6.5CVSS6.4AI score0.01894EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 7:48 p.m.35 views

Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)

Summary Security vulnerabilities have been discovered in the libxml2 component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-0191 DESCRIPTION: Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the...

7.8CVSS7AI score0.97549EPSS
Exploits31Affected Software1
CNVD
CNVD
added 2022/02/23 12:0 a.m.41 views

libxml2 Resource Management Error Vulnerability (CNVD-2022-21487)

libxml2 is an open source library for parsing XML documents. It is written in C and can be called by multiple languages, such as C, C, XSH. libxml2 suffers from a resource management error vulnerability that can be exploited by attackers to threaten alerts that affect software or systems...

7.5CVSS3.5AI score0.0601EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/02/22 11:31 a.m.58 views

CVE-2022-23308

A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XMLPARSEDTDVALID option and without the XMLPARSENOENT option, resulting in a use-after-free issue...

8.1CVSS8AI score0.0601EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/02/21 12:0 a.m.2 views

libxml2 资源管理错误漏洞

libxml2 is an open source library for parsing XML documents. It is written in C and can be called by multiple languages, such as C, C, XSH. libxml2 suffers from a resource management error vulnerability that can be exploited by attackers to threaten alerts that affect software or systems...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References58
RubySec
RubySec
added 2022/02/21 12:0 a.m.385 views

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)

Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: vendored libxml2 from v2.9.12 to v2.9.13 vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: libxslt: CVE-2021-30560 CVSS 8.8, High severity libxml2: CVE-2022-23308 Unspecified...

8.8CVSS1AI score0.21623EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/02/19 12:0 a.m.13 views

PT-2022-1917

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.13 Description The issue is related to a use-after-free of ID and IDREF attributes in the valid.c file of the libxml2 library, which is used for XML document analysis. This can be exploited by a remote attacker to...

10CVSS7.3AI score0.51733EPSS
Exploits17References140
Tenable Nessus
Tenable Nessus
added 2022/02/13 12:0 a.m.68 views

EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2022-1131)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...

8.8CVSS7.1AI score0.0828EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1131)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.0828EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.0828EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.51 views

EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-1082)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...

8.8CVSS7.1AI score0.0828EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.142 views

Rocky Linux 8 : libxml2 (RLSA-2021:2569)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2569 advisory. - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigg...

8.8CVSS7.2AI score0.0828EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.24 views

AlmaLinux 8 : libxml2 (ALSA-2021:1597)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1597 advisory. - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit...

6.5CVSS7.3AI score0.03672EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.264 views

AlmaLinux 8 : libxml2 (ALSA-2021:2569)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2569 advisory. - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger...

8.8CVSS7.2AI score0.0828EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.83 views

AlmaLinux 8 : libxml2 (ALSA-2020:4479)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4479 advisory. - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun in...

7.5CVSS7AI score0.07836EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2016-0263)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.1398EPSS
Exploits11References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2018-0050)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.05928EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2014-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.3AI score0.081EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2020-0101)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.07836EPSS
Exploits0References4
Rows per page
Query Builder