Lucene search
K

6941 matches found

CNNVD
CNNVD
added 2021/05/01 12:0 a.m.2 views

libxml2 代码问题漏洞

libxml2 is a software library for parsing XML documents. A null pointer dereference vulnerability exists in libxml2 versions prior to 2.9.11. An attacker can exploit this vulnerability to crash a program via a specially crafted XML document...

5.9CVSS8.4AI score0.03503EPSS
Exploits0References44
Positive Technologies
Positive Technologies
added 2021/04/30 12:0 a.m.7 views

PT-2021-4589

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Description The issue is related to the libxml2 library's parser component, which fails to propagate errors when parsing XML content. This can be exploited by a remote attacker using a specially crafted XML...

10CVSS7AI score0.51733EPSS
Exploits23References146
RedhatCVE
RedhatCVE
added 2021/04/27 7:49 p.m.34 views

CVE-2021-3518

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

8.8CVSS7.3AI score0.03653EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/04/27 7:36 p.m.53 views

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application...

8.6CVSS8.2AI score0.0828EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/04/27 7:31 p.m.46 views

CVE-2021-3516

There's a flaw in libxml2's xmllint. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. Mitigation This flaw can be mitigated by not using xmllint with the...

7.8CVSS1.7AI score0.0199EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/04/22 12:0 a.m.6 views

PT-2021-4592

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Nokogiri versions prior to 1.11.4 Description The issue is related to a flaw in the xml entity encoding functionality, which could trigger an out-of-bounds read if a crafted file is processed by an application...

10CVSS6.9AI score0.51733EPSS
Exploits23References167
Positive Technologies
Positive Technologies
added 2021/04/22 12:0 a.m.8 views

PT-2021-4600

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Description The issue is related to a use-after-free flaw in the xinclude.c component of the libxml2 library, which can be triggered by a specially crafted file. This can allow a remote attacker to access...

10CVSS6.9AI score0.51733EPSS
Exploits23References170
OpenVAS
OpenVAS
added 2021/04/21 12:0 a.m.25 views

CentOS: Security Advisory for libxml2 (CESA-2015:2549)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS9.5AI score0.0721EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2021/04/21 12:0 a.m.5 views

PT-2021-4599

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.11 Description The issue is related to a use-after-free flaw in libxml2's xmllint. An attacker can exploit this by submitting a crafted file to be processed, potentially leading to unauthorized access to...

10CVSS6.9AI score0.51733EPSS
Exploits23References136
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2017:1454-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.07347EPSS
Exploits7References9
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2015:0003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.03988EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2017:1366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.081EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2017:1538-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.04888EPSS
Exploits5References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2016:1538-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.1398EPSS
Exploits11References17
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:1896-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.9AI score0.02938EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2018:0401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.3AI score0.02979EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2017:0380-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.08628EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:0178-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.04883EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2016:2650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.08628EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2016:0049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.1AI score0.0721EPSS
Exploits3References15
Rows per page
Query Builder