Lucene search
K

6939 matches found

Debian
Debian
added 2021/05/10 12:31 p.m.111 views

[SECURITY] [DLA 2653-1] libxml2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2653-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 10, 2021 https://wiki.debian.org/LTS -...

8.8CVSS8.7AI score0.0828EPSS
Exploits1
Fedora
Fedora
added 2021/05/10 1:7 a.m.55 views

[SECURITY] Fedora 34 Update: libxml2-2.9.10-12.fc34

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

8.8CVSS7.7AI score0.0828EPSS
Exploits1
OSV
OSV
added 2021/05/10 12:0 a.m.60 views

DLA-2653-1 libxml2 - security update

Bulletin has no description...

8.8CVSS7.4AI score0.0828EPSS
Exploits1
OSV
OSV
added 2021/05/09 4:6 a.m.6 views

OPENSUSE-SU-2021:0692-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. - CVE-2021-3516: Fixed a use after free in...

8.8CVSS8.7AI score0.0828EPSS
Exploits1References7
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/09 12:0 a.m.49 views

Security update for libxml2 (moderate)

openSUSE Security Update: Security update for libxml2 Announcement ID: openSUSE-SU-2021:0692-1 Rating: moderate References: 1185408 1185409 1185410 Cross-References: CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVSS scores: CVE-2021-3516 SUSE: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H...

5.9CVSS8.9AI score0.0828EPSS
Exploits1References3
Veracode
Veracode
added 2021/05/08 3:22 p.m.32 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service. The vulnerability exists because of heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c...

8.6CVSS3.8AI score0.0828EPSS
Exploits0References18Affected Software18
Veracode
Veracode
added 2021/05/08 3:21 p.m.39 views

Arbitrary Code Execution

libxml2 is vulnerable to arbitrary code execution. A use-after-free occurs in xmllint when --html and --push options are used, allowing an attacker to execute arbitrary code on the host OS by submitting malicious files...

7.8CVSS4.8AI score0.0199EPSS
Exploits1References12Affected Software17
Veracode
Veracode
added 2021/05/08 3:20 p.m.38 views

Remote Code Execution (RCE)

libxml2 is vulnerable to remote code execution. The vulnerability exists due to a use after free in libxml2 in xmlXIncludeDoProcess in xinclude.c...

8.8CVSS2.9AI score0.03653EPSS
Exploits0References24Affected Software17
Veracode
Veracode
added 2021/05/08 2:26 p.m.32 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service. It is due to a NULL pointer dereference when post-validating mix content parsed in recovery mode...

5.9CVSS4.1AI score0.03503EPSS
Exploits0References12Affected Software16
Tenable Nessus
Tenable Nessus
added 2021/05/07 12:0 a.m.40 views

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2021:1524-1)

This update for libxml2 fixes the following issues : CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. CVE-2021-3517: Fixed a heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. CVE-2021-3516: Fixed a use after free in...

8.8CVSS7.5AI score0.0828EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2021/05/07 12:0 a.m.51 views

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2021:1523-1)

This update for libxml2 fixes the following issues : CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. CVE-2021-3517: Fixed a heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. CVE-2021-3516: Fixed a use after free in...

8.8CVSS7.5AI score0.0828EPSS
Exploits1References10
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.1 views

libxml2 缓冲区错误漏洞

libxml2 is a library written in C for parsing XML documents . A buffer overflow vulnerability exists in entities.c in libxml2, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

8.6CVSS8.7AI score0.0828EPSS
Exploits0References49
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.2 views

libxml2 资源管理错误漏洞

libxml2 is an open source library used to parse XML documents . It is written in C, and can be called for a variety of languages , such as C, C++, XSH. A resource management error vulnerability exists in libxml2 versions prior to 2.9.11. This vulnerability can be exploited to trigger post-release...

8.8CVSS8.3AI score0.03653EPSS
Exploits0References64
NCSC
NCSC
added 2021/05/06 12:0 a.m.2 views

Vulnerabilities fixed in libxml2

Several vulnerabilities have been fixed in libxml2. A malicious party could potentially exploit the vulnerabilities to cause a Denial-of-Service in an application that uses of this library by submitting a rogue XML file for processing. submit. -= SUSE =- SUSE has made updates available to fix the...

8.8CVSS8.7AI score0.0828EPSS
Exploits1
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.3 views

libxml2 资源管理错误漏洞

libxml2 is an open source library used to parse XML documents . It is written in C, and can be called by a variety of languages, such as C, C++, XSH. A resource management error vulnerability exists in entities.c in libxml2, which arises from mismanagement of system resources e.g., memory, disk...

7.8CVSS7.2AI score0.0199EPSS
Exploits1References42
RedhatCVE
RedhatCVE
added 2021/05/05 7:49 p.m.41 views

CVE-2021-3537

A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system...

7.5CVSS7.1AI score0.03503EPSS
Exploits0References3
OSV
OSV
added 2021/05/05 4:25 p.m.6 views

SUSE-SU-2021:1524-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. - CVE-2021-3516: Fixed a use after free in...

8.8CVSS9.1AI score0.0828EPSS
Exploits1References7
OSV
OSV
added 2021/05/05 4:24 p.m.5 views

SUSE-SU-2021:1523-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. - CVE-2021-3516: Fixed a use after free in...

8.8CVSS9.1AI score0.0828EPSS
Exploits1References7
CNNVD
CNNVD
added 2021/05/01 12:0 a.m.1 views

libxml2 代码问题漏洞

libxml2 is a software library for parsing XML documents. A null pointer dereference vulnerability exists in libxml2 versions prior to 2.9.11. An attacker can exploit this vulnerability to crash a program via a specially crafted XML document...

5.9CVSS8.4AI score0.03503EPSS
Exploits0References44
Positive Technologies
Positive Technologies
added 2021/04/30 12:0 a.m.7 views

PT-2021-4589

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Description The issue is related to the libxml2 library's parser component, which fails to propagate errors when parsing XML content. This can be exploited by a remote attacker using a specially crafted XML...

10CVSS7AI score0.51733EPSS
Exploits23References146
Rows per page
Query Builder