Tenable Nessus Multiple Vulnerabilities (TNS-2025-24)

Tenable Nessus is prone to multiple vulnerabilities in various third-party components expat, libxml2, libxslt. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

EulerOS Virtualization 2.13.0 : libxml2 (EulerOS-SA-2025-2586)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances whe...

EulerOS Virtualization 2.13.1 : libxml2 (EulerOS-SA-2025-2551)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances whe...

Security Bulletin:Vulnerability in libxml2 affects IBM Netezza Appliance

Summary The libxml2 package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-32415 Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-bas...

Tenable Nessus 10.8.0 <= 10.8.6 / 10.9.0 < 10.9.6 / 10.10.0 <= 10.10.1 / 10.11.0 < 10.11.1 Multiple Vulnerabilities (TNS-2025-24)

According to its self-reported version, the Tenable Nessus application running on the remote host is 10.8.0 prior or equal to 10.8.6, 10.9.0 prior to 10.9.6, 10.10.0 prior or equal to 10.10.1 and 10.11.0 prior to 10.11.1. It is, therefore, affected by multiple vulnerabilities as referenced in the...

[R2] Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities

R2 Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities Arnie Cabral Mon, 12/15/2025 - 09:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, libxslt were found to contain vulnerabilities, and updated...

[R2] Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities

R2 Nessus Versions 10.11.1 and 10.9.6 Fix Multiple Vulnerabilities Arnie Cabral Mon, 12/15/2025 - 09:48 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components expat, libxml2, libxslt were found to contain vulnerabilities, and updated...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.1.1.1)

The version of AOS installed on the remote host is prior to 7.1.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.1.1.1 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

Linux Distros Unpatched Vulnerability : CVE-2025-66568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through...

CVE-2025-66578

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...

CVE-2025-66568

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

CVE-2025-66578

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...

CVE-2025-66568

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

UBUNTU-CVE-2025-66568

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

CVE-2025-66578 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...

CVE-2025-66578

CVE-2025-66578 affects robrichards/xmlseclibs (PHP) up to version 3.1.3. The root cause is a flaw in libxml2 canonicalization during document transformation: when canonicalizing invalid XML input, libxml2 may return an empty string instead of a canonicalized node. xmlseclibs then computes the Dig...

EUVD-2025-201790

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...

CVE-2025-66578 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...

CVE-2025-66568 ruby-saml Libxml2 Canonicalization errors can bypass Digest/Signature validation

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

EUVD-2025-201828

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...