Lucene search
K

6939 matches found

OpenVAS
OpenVAS
added 2021/05/24 12:0 a.m.28 views

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2021:0764-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.8AI score0.0828EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/05/24 12:0 a.m.39 views

FreeBSD : libxml2 -- Possible denial of service (524bd03a-bb75-11eb-bf35-080027f515ea)

Daniel Veillard reports : A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.5CVSS7AI score0.01861EPSS
Exploits0References4
Veracode
Veracode
added 2021/05/22 7:17 p.m.41 views

Billion Laugh Attack

libxml2:sid is vulnerable to billion laugh attack via parameter entities expansion and following the line of the billion laugh attack...

6.5CVSS4.1AI score0.01861EPSS
Exploits0References4Affected Software17
OSV
OSV
added 2021/05/22 5:3 a.m.6 views

OPENSUSE-SU-2021:0764-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in...

8.8CVSS7.6AI score0.0828EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/22 12:0 a.m.56 views

Security update for libxml2 (important)

openSUSE Security Update: Security update for libxml2 Announcement ID: openSUSE-SU-2021:0764-1 Rating: important References: 1185408 1185409 1185410 1185698 Cross-References: CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVSS scores: CVE-2021-3516 SUSE: 5.9...

7.5CVSS8.8AI score0.0828EPSS
Exploits1References4
CNVD
CNVD
added 2021/05/21 12:0 a.m.5 views

libxml2 Resource Management Error Vulnerability

libxml2 is an open source library used to parse XML documents . It is written in C, and can be called for a variety of languages , such as C, C++, XSH. A resource management error vulnerability exists in libxml2 versions prior to 2.9.11. This vulnerability can be exploited to trigger post-release...

8.8CVSS6.7AI score0.03653EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2021/05/20 7:0 a.m.1 views

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

...

5.9CVSS7AI score0.03503EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.44 views

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2021:1658-1)

This update for libxml2 fixes the following issues : Security issues fixed : - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. CVE-2021-3517: Fixed a heap-based buffer...

8.8CVSS7.5AI score0.0828EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.51 views

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2021:1654-1)

This update for libxml2 fixes the following issues : CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. CVE-2021-3517: Fixed a heap-based buffer overflow in...

8.8CVSS7.5AI score0.0828EPSS
Exploits1References13
OSV
OSV
added 2021/05/19 7:29 p.m.7 views

MGASA-2021-0213 Updated libxml2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Use-after-free in xmlEncodeEntitiesInternal in entities.c. CVE-2021-3516 Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c. CVE-2021-3517 Use-after-free in xmlXIncludeDoProcess in xinclude.c. CVE-2021-3518 NULL pointer...

8.8CVSS7.4AI score0.0828EPSS
Exploits1References5
Mageia
Mageia
added 2021/05/19 7:29 p.m.111 views

Updated libxml2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Use-after-free in xmlEncodeEntitiesInternal in entities.c. CVE-2021-3516 Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c. CVE-2021-3517 Use-after-free in xmlXIncludeDoProcess in xinclude.c. CVE-2021-3518 NULL pointer...

8.8CVSS8.3AI score0.0828EPSS
Exploits1References4
OSV
OSV
added 2021/05/19 4:20 p.m.6 views

SUSE-SU-2021:1658-1 Security update for libxml2

This update for libxml2 fixes the following issues: Security issues fixed: CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer...

8.8CVSS7.7AI score0.0828EPSS
Exploits1References9
OSV
OSV
added 2021/05/19 2:44 p.m.6 views

SUSE-SU-2021:1654-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in...

8.8CVSS7.6AI score0.0828EPSS
Exploits1References9
OSV
OSV
added 2021/05/19 2:41 p.m.11 views

SUSE-SU-2021:14729-1 Security update for libxml2

This update for libxml2 fixes the following issues: Security issues fixed: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel bsc1185698 - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer...

8.8CVSS7.3AI score0.0828EPSS
Exploits3References18
NVD
NVD
added 2021/05/19 2:15 p.m.32 views

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6CVSS0.0828EPSS
Exploits0References13
OSV
OSV
added 2021/05/19 2:15 p.m.33 views

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6CVSS4.7AI score
Exploits0References13
OSV
OSV
added 2021/05/19 2:15 p.m.1 views

DEBIAN-CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6CVSS7.1AI score0.0828EPSS
Exploits0References1
OSV
OSV
added 2021/05/19 2:15 p.m.2 views

ALPINE-CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6CVSS6.5AI score0.0828EPSS
Exploits0References1
Prion
Prion
added 2021/05/19 2:15 p.m.28 views

Out-of-bounds

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

7.5CVSS8.5AI score0.0828EPSS
Exploits0References13Affected Software12
OSV
OSV
added 2021/05/19 2:15 p.m.4 views

UBUNTU-CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this...

8.6CVSS6.8AI score0.0828EPSS
Exploits0References5
Rows per page
Query Builder