Lucene search
K

6941 matches found

FreeBSD
FreeBSD
added 2015/11/20 12:0 a.m.39 views

libxml2 -- multiple vulnerabilities

reports: CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

7.1CVSS8.4AI score0.0721EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2015/11/20 12:0 a.m.7 views

PT-2015-3256

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to the xmlParseMisc function in parser.c, which allows context-dependent attackers to cause a denial of service due to an out-of-bounds heap read. This is related to incorrect...

10CVSS7.2AI score0.51733EPSS
Exploits36References141
Positive Technologies
Positive Technologies
added 2015/11/20 12:0 a.m.7 views

PT-2015-3254

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to a heap-based buffer overflow in the xmlParseXmlDecl function, which can be exploited by context-dependent attackers to cause a denial of service. This occurs via unspecified...

10CVSS7.5AI score0.51733EPSS
Exploits36References131
Positive Technologies
Positive Technologies
added 2015/11/20 12:0 a.m.9 views

PT-2015-3255

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is a heap-based buffer overflow in the xmlGROW function in parser.c in libxml2. This allows context-dependent attackers to obtain sensitive process memory information via unspecified vector...

10CVSS7.5AI score0.51733EPSS
Exploits36References152
CNVD
CNVD
added 2015/11/19 12:0 a.m.1 views

Libxml2 'parser.c' Buffer Overflow Vulnerability

Libxml2 is a C-based language used to parse XML documents library , which supports a variety of encoding formats , Xpath parsing , Well-formed and valid validation . A buffer overflow vulnerability exists in Libxml2 'parser.c'. An attacker could exploit the vulnerability to execute arbitrary code...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2015/11/19 12:0 a.m.1 views

libxml2 Denial of Service Vulnerability (CNVD-2015-07711)

libxml2 is an XML parser and markup toolset. A denial of service vulnerability exists in libxml2 version 2.9.2 that allows attackers to cause a denial of service by crafting the xmlParseEntityDecl or xmlParseConditionalSections functions of parserc in XML data...

4.3CVSS7.9AI score0.03069EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/19 12:0 a.m.1 views

libxml2 Denial of Service Vulnerability (CNVD-2015-07712)

libxml2 is an XML parser and markup toolset. A denial-of-service vulnerability exists in libxml2 that could be exploited by an attacker to launch a denial-of-service attack via carefully crafted XML data...

6.8CVSS8AI score0.04737EPSS
Exploits1References1
NVD
NVD
added 2015/11/18 4:59 p.m.30 views

CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

2.6CVSS6.6AI score0.03199EPSS
Exploits1References25
OSV
OSV
added 2015/11/18 4:59 p.m.1 views

DEBIAN-CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

2.6CVSS9AI score0.03199EPSS
Exploits1References1
OSV
OSV
added 2015/11/18 4:59 p.m.8 views

CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

6AI score
Exploits0References25
OSV
OSV
added 2015/11/18 4:59 p.m.8 views

CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.1AI score
Exploits0References35
NVD
NVD
added 2015/11/18 4:59 p.m.21 views

CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS7AI score0.04737EPSS
Exploits1References29
OSV
OSV
added 2015/11/18 4:59 p.m.1 views

DEBIAN-CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS7.7AI score0.04737EPSS
Exploits1References1
NVD
NVD
added 2015/11/18 4:59 p.m.18 views

CVE-2015-7941

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

4.3CVSS9.1AI score0.03069EPSS
Exploits0References22
OSV
OSV
added 2015/11/18 4:59 p.m.6 views

CVE-2015-7941

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

6.2AI score
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2015/11/18 4:59 p.m.0 views

CVE-2015-7941

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

4.3CVSS5.5AI score0.03069EPSS
Exploits0References26
ATTACKERKB
ATTACKERKB
added 2015/11/18 4:59 p.m.0 views

CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS5.5AI score0.04737EPSS
Exploits1References31
Prion
Prion
added 2015/11/18 4:59 p.m.26 views

Out-of-bounds

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS6.5AI score0.04737EPSS
Exploits1References29Affected Software9
Prion
Prion
added 2015/11/18 4:59 p.m.28 views

Out-of-bounds

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

4.3CVSS6.5AI score0.03069EPSS
Exploits0References22Affected Software2
Prion
Prion
added 2015/11/18 4:59 p.m.29 views

Design/Logic Flaw

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

2.6CVSS6.7AI score0.03199EPSS
Exploits1References25Affected Software7
Rows per page
Query Builder