Lucene search
K

6941 matches found

Mageia
Mageia
added 2015/11/05 10:46 p.m.47 views

Updated libxml2 packages fix security vulnerability

A denial of service in libxml2 when parsing a specially crafted XML file if XZ support is enabled may cause applications to hang as the parsing never terminates CVE-2015-8035...

2.6CVSS7.4AI score0.03199EPSS
Exploits1References2
OSV
OSV
added 2015/11/02 8:21 p.m.6 views

MGASA-2015-0423 Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerability: Crafted xml causes out of bound memory access in libxml2 due to a heap buffer-overflow in xmlParseConditionalSections in parser.c CVE-2015-7942...

6.8CVSS6.3AI score0.04737EPSS
Exploits1References4
Mageia
Mageia
added 2015/11/02 8:21 p.m.43 views

Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerability: Crafted xml causes out of bound memory access in libxml2 due to a heap buffer-overflow in xmlParseConditionalSections in parser.c CVE-2015-7942...

6.8CVSS7.7AI score0.04737EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2015/11/02 12:0 a.m.36 views

CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

2.6CVSS6.8AI score0.03199EPSS
Exploits1References3
OSV
OSV
added 2015/11/02 12:0 a.m.4 views

UBUNTU-CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

2.6CVSS6.8AI score0.03199EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2015/11/02 12:0 a.m.8 views

PT-2015-2754

Name of the Vulnerable Software and Affected Versions libxml2 version 2.9.1 Description The issue is related to the xz decomp function in xzlib.c, which does not properly handle compression errors. This allows attackers to cause a denial of service, resulting in a process hang, by providing craft...

10CVSS7.3AI score0.51733EPSS
Exploits36References130
Debian
Debian
added 2015/10/26 6:34 p.m.15 views

[SECURITY] [DLA 334-2] libxml2 regression update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze14 Unfortunately I mixed up the build of the i386 version of the libxml2 package. dpkg did not understand the contents of an included trigger file and threw an error message. This new upload should fix this and you can get rid of the error message...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/10/26 12:0 a.m.40 views

Debian DLA-334-2 : libxml2 regression update

Unfortunately I mixed up the build of the i386 version of the libxml2 package. dpkg did not understand the contents of an included trigger file and threw an error message. This new upload should fix this and you can get rid of the error message with for example : apt-get update; apt-get -f instal...

5.4AI score
Exploits0References2
OSV
OSV
added 2015/10/26 12:0 a.m.9 views

DLA-334-2 libxml2 - regression update

Bulletin has no description...

7.2AI score
Exploits0
Debian
Debian
added 2015/10/25 5:14 p.m.26 views

[SECURITY] [DLA 334-1] libxml2 security update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze13 CVE ID : CVE-2015-7942 Debian Bug : 802827 Crafted xml causes out of bound memory access. heap-buffer-overflow in xmlParseConditionalSections...

6.8CVSS7.3AI score0.04737EPSS
Exploits1
OSV
OSV
added 2015/10/25 12:0 a.m.35 views

DLA-334-1 libxml2 - security update

Bulletin has no description...

6.8CVSS6.7AI score0.04737EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2015/10/23 12:0 a.m.30 views

CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS7.1AI score0.04737EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2015/10/23 12:0 a.m.27 views

CVE-2015-7941

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

4.3CVSS7.1AI score0.03069EPSS
Exploits0References4
OSV
OSV
added 2015/10/23 12:0 a.m.3 views

UBUNTU-CVE-2015-7942

The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via crafted XML data, a different vulnerability than...

6.8CVSS7.1AI score0.04737EPSS
Exploits1References3
OSV
OSV
added 2015/10/23 12:0 a.m.3 views

UBUNTU-CVE-2015-7941

libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service out-of-bounds read and libxml2 crash via crafted XML data to the 1 xmlParseEntityDecl or 2 xmlParseConditionalSections function in parser.c, as demonstrated by...

4.3CVSS7.1AI score0.03069EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2015/10/23 12:0 a.m.7 views

PT-2015-2751

Name of the Vulnerable Software and Affected Versions libxml2 version 2.9.2 Description The issue is caused by improper handling of invalid input, allowing context-dependent attackers to cause a denial of service via crafted XML data. This can lead to an out-of-bounds read and a crash in libxml2...

10CVSS7.2AI score0.51733EPSS
Exploits36References128
Positive Technologies
Positive Technologies
added 2015/10/23 12:0 a.m.6 views

PT-2015-3213

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description The issue is related to the xmlParseConditionalSections function in the libxml2 library, which can cause a denial of service due to an out-of-bounds read when parsing specially crafted XML...

10CVSS7.2AI score0.51733EPSS
Exploits36References138
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2015-0358)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.9AI score0.0634EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/10/14 12:0 a.m.23 views

Apple iOS < 8.4.1 Multiple Vulnerabilities

Binary data 8978.prm...

9.3CVSS7.3AI score0.13322EPSS
Exploits4References72
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.37 views

Oracle: Security Advisory (ELSA-2015-1419)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.3AI score0.0634EPSS
Exploits1References2
Rows per page
Query Builder