Lucene search
K

6942 matches found

Cloud Foundry
Cloud Foundry
added 2015/12/02 12:0 a.m.14 views

USN-2812-1 libxml2 vulnerability | Cloud Foundry

USN-2812-1 libxml2 vulnerability Medium Vendor libxml2 Versions Affected Ubuntu 14.04 Description Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause...

8.3AI score
Exploits0
OpenVAS
OpenVAS
added 2015/12/01 12:0 a.m.29 views

Fedora Update for libxml2 FEDORA-2015-037

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS7.7AI score0.0721EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/11/30 12:0 a.m.34 views

Debian DLA-355-1 : libxml2 security update

CVE-2015-8241 Buffer overread with XML parser in xmlNextChar CVE-2015-8317 - issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors. - ...

6.8CVSS7AI score0.06908EPSS
Exploits2References4
Debian
Debian
added 2015/11/29 10:45 p.m.58 views

[SECURITY] [DLA 355-1] libxml2 security update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze15 CVE ID : CVE-2015-8241 CVE-2015-8317 Debian Bug : 806384 CVE-2015-8241 Buffer overread with XML parser in xmlNextChar CVE-2015-8317 - issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the...

6.8CVSS8AI score0.06908EPSS
Exploits2
OSV
OSV
added 2015/11/29 12:0 a.m.46 views

DLA-355-1 libxml2 - security update

Bulletin has no description...

6.4CVSS6.7AI score0.06908EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/11/27 12:0 a.m.44 views

Mageia: Security Advisory (MGASA-2015-0457)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.0721EPSS
Exploits1References7
Fedora
Fedora
added 2015/11/26 9:1 p.m.32 views

[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

7.1CVSS0.5AI score0.0721EPSS
Exploits2
OSV
OSV
added 2015/11/26 8:47 p.m.9 views

MGASA-2015-0457 Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...

9.8CVSS6.9AI score0.0721EPSS
Exploits1References6
Mageia
Mageia
added 2015/11/26 8:47 p.m.55 views

Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...

9.8CVSS8.3AI score0.0721EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2015/11/26 12:0 a.m.26 views

CVE-2015-7498

Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...

5CVSS7.3AI score0.07017EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2015/11/26 12:0 a.m.25 views

CVE-2015-7497

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors...

5CVSS7.3AI score0.0721EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2015/11/26 12:0 a.m.37 views

CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability than CVE-2014-3660...

7.1CVSS6.9AI score0.04537EPSS
Exploits0References2
OSV
OSV
added 2015/11/26 12:0 a.m.1 views

UBUNTU-CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability than CVE-2014-3660...

7.1CVSS6.9AI score0.04537EPSS
Exploits0References3
OSV
OSV
added 2015/11/26 12:0 a.m.2 views

UBUNTU-CVE-2015-7497

Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors...

5CVSS7.4AI score0.0721EPSS
Exploits0References3
OSV
OSV
added 2015/11/26 12:0 a.m.2 views

UBUNTU-CVE-2015-7498

Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure...

5CVSS7.4AI score0.07017EPSS
Exploits0References3
OSV
OSV
added 2015/11/26 12:0 a.m.2 views

UBUNTU-CVE-2015-7499

Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors...

5CVSS7.4AI score0.06464EPSS
Exploits0References4
OSV
OSV
added 2015/11/26 12:0 a.m.4 views

UBUNTU-CVE-2015-7500

The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service out-of-bounds heap read via unspecified vectors related to incorrect entities boundaries and start tags...

5CVSS7.2AI score0.05917EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/11/23 12:0 a.m.47 views

FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)

reports : CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

7.1CVSS7.4AI score0.0721EPSS
Exploits2References13
UbuntuCve
UbuntuCve
added 2015/11/23 12:0 a.m.43 views

CVE-2015-8317

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an 1 unterminated encoding value or 2 incomplete XML declaration in XML data, which triggers an out-of-bounds heap read...

5CVSS7.1AI score0.05907EPSS
Exploits1References3
OSV
OSV
added 2015/11/23 12:0 a.m.3 views

UBUNTU-CVE-2015-8317

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an 1 unterminated encoding value or 2 incomplete XML declaration in XML data, which triggers an out-of-bounds heap read...

5CVSS7.1AI score0.05907EPSS
Exploits1References4
Rows per page
Query Builder