Lucene search
K

6939 matches found

Tenable Nessus
Tenable Nessus
added 2015/07/08 12:0 a.m.44 views

GLSA-201507-08 : libxml2: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201507-08 libxml2: Denial of Service libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string. Impact : A remote attacker may be able to cause Denial of Service via a...

5CVSS6.8AI score0.0634EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2015/07/07 12:0 a.m.33 views

libxml2: Denial of service

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description libxml2 returns the empty string when the allocation limit is encountered while constructing the attribute value string. Impact A remote attacker may be able to cause Denial of Service via a specially...

5CVSS9.1AI score0.0634EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/06 12:0 a.m.50 views

Debian DLA-266-1 : libxml2 security update

This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data. This is a fine line issue...

5CVSS6.8AI score0.0634EPSS
Exploits0References3
Debian
Debian
added 2015/07/03 10:3 a.m.36 views

[SECURITY] [DLA 266-1] libxml2 security update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze12 CVE ID : CVE-2015-1819 Debian Bug : 782782 782985 783010 This upload to Debian squeeze-lts fixes three issues found in the libxml2 package. 1 CVE-2015-1819 / 782782 Florian Weimer from Red Hat reported an issue against libxml2, where a parser whi...

5CVSS6.8AI score0.0634EPSS
Exploits0
OSV
OSV
added 2015/07/03 12:0 a.m.46 views

DLA-266-1 libxml2 - security update

Bulletin has no description...

9.8CVSS7.2AI score0.0634EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/02 12:0 a.m.35 views

FreeBSD : libxml2 -- Enforce the reader to run in constant memory (9c7177ff-1fe1-11e5-9a01-bcaec565249c)

Daniel Veilland reports : Enforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect...

5CVSS7.1AI score0.0634EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/05/27 12:0 a.m.30 views

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2015:0003-1)

This libxml2 update fixes the following security and non-security issues : - Fix a denial of service via recursive entity expansion. CVE-2014-3660, bnc901546, bgo738805 - Fix a regression in xzlib compression support. bnc908376 Note that Tenable Network Security has extracted the preceding...

5CVSS6.5AI score0.03988EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.57 views

SUSE SLES10 Security Update : libxml2 (SUSE-SU-2013:1627-1)

libxml2 has been updated to fix the following security issue : - CVE-2013-0338: libxml2 allowed context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many references to this entity, aka...

7.5CVSS6.8AI score0.04733EPSS
Exploits3References19
Fedora
Fedora
added 2015/05/11 12:11 a.m.31 views

[SECURITY] Fedora 20 Update: perl-XML-LibXML-2.0119-1.fc20

This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation...

5CVSS3.7AI score0.04013EPSS
Exploits0
Fedora
Fedora
added 2015/05/10 11:34 p.m.32 views

[SECURITY] Fedora 21 Update: perl-XML-LibXML-2.0119-1.fc21

This module implements a Perl interface to the GNOME libxml2 library which provides interfaces for parsing and manipulating XML files. This module allows Perl programmers to make use of the highly capable validating XML parser and the high performance DOM implementation...

5CVSS3.7AI score0.04013EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/05/04 4:34 p.m.72 views

USN-2592-1: XML::LibXML vulnerability

Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information...

5CVSS8.3AI score0.04013EPSS
Exploits0
securityvulns
securityvulns
added 2015/05/04 12:0 a.m.103 views

[USN-2592-1] XML::LibXML vulnerability

========================================================================== Ubuntu Security Notice USN-2592-1 May 04, 2015 libxml-libxml-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

5CVSS0.5AI score0.04013EPSS
Exploits0
Debian
Debian
added 2015/05/01 5:12 p.m.23 views

[SECURITY] [DSA 3243-1] libxml-libxml-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3243-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 01, 2015 http://www.debian.org/security/faq -...

5CVSS5.8AI score0.04013EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/05/01 12:0 a.m.35 views

Debian Security Advisory DSA 3243-1 (libxml-libxml-perl - security update)

Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...

5CVSS9.3AI score0.04013EPSS
Exploits0References1
OSV
OSV
added 2015/05/01 12:0 a.m.26 views

DSA-3243-1 libxml-libxml-perl - security update

Bulletin has no description...

5CVSS9.3AI score0.04013EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.3 views

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the mingw32-libxml2-2.7.6 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

10CVSS7AI score0.13727EPSS
Exploits7References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the mingw32-libxml2-debuginfo-2.7.6 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

10CVSS7.1AI score0.13727EPSS
Exploits7References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Libxml2 software library for analyzing XML documents lies in the fact that an out-of-bound operation can be executed, allowing an attacker to cause a service failure.

The vulnerability of the Libxml2 software library for analyzing XML documents relates to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...

4.3CVSS6.8AI score0.03121EPSS
Exploits2References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the libxml2 package up to version 2.7.3-r2 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

4.3CVSS6.3AI score0.03121EPSS
Exploits2References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-test package for the SUSE Linux Enterprise operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

6.8CVSS7.3AI score0.04382EPSS
Exploits1References2
Rows per page
Query Builder