Lucene search
K

6939 matches found

BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libxml2-static-2.7.6 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

7.5CVSS6.8AI score0.081EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Libxml2 software library for analyzing XML documents lies in the fact that an out-of-bound operation can be executed, allowing an attacker to cause a service failure.

The vulnerability of the Libxml2 software library for analyzing XML documents relates to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...

4.3CVSS6.8AI score0.03121EPSS
Exploits2References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the libxml2 package up to version 2.7.3-r2 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

4.3CVSS6.3AI score0.03121EPSS
Exploits2References7Affected Software2
Positive Technologies
Positive Technologies
added 2015/04/14 12:0 a.m.8 views

PT-2015-3363

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description The issue is related to insufficient restriction of XML links to external objects in the libxml2 library's XML file parser. This can be exploited by a remote attacker using a specially crafte...

10CVSS7.3AI score0.51733EPSS
Exploits36References142
RubySec
RubySec
added 2015/04/14 12:0 a.m.66 views

Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

Several vulnerabilities were discovered in the libxml2 and libxslt libraries that the Nokogiri gem depends on. CVE-2015-1819 A denial of service flaw was found in the way libxml2 parsed XML documents. This flaw could cause an application that uses libxml2 to use an excessive amount of memory...

6.8CVSS4.2AI score0.0634EPSS
Exploits3References1Affected Software1
FreeBSD
FreeBSD
added 2015/04/14 12:0 a.m.40 views

libxml2 -- Enforce the reader to run in constant memory

Daniel Veilland reports: Enforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect...

5CVSS9.2AI score0.0634EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/04/13 12:0 a.m.34 views

Fedora 20 : libxml2-2.9.1-4.fc20 (2015-4719)

fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

5CVSS6.9AI score0.081EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/04/12 12:0 a.m.29 views

Fedora Update for libxml2 FEDORA-2015-4719

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2015/04/08 12:0 a.m.44 views

Fedora Update for libxml2 FEDORA-2015-4658

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7AI score
Exploits0References2
Debian
Debian
added 2015/04/07 6:58 p.m.38 views

[SECURITY] [DSA 3057-2] libxml2 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...

5CVSS1.9AI score0.03988EPSS
Exploits1
Debian
Debian
added 2015/04/07 6:58 p.m.43 views

[SECURITY] [DSA 3057-2] libxml2 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...

5CVSS6.8AI score0.03988EPSS
Exploits1
Fedora
Fedora
added 2015/04/07 7:30 a.m.38 views

[SECURITY] Fedora 21 Update: libxml2-2.9.1-7.fc21

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

5CVSS0.5AI score0.081EPSS
Exploits2
OSV
OSV
added 2015/04/07 12:0 a.m.32 views

DSA-3057-2 libxml2 - regression update

Bulletin has no description...

6AI score
Exploits0
Cent OS
Cent OS
added 2015/04/01 3:26 a.m.68 views

libxml2 security update

CentOS Errata and Security Advisory CESA-2015:0749 Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

4.3CVSS6.7AI score0.081EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2015/04/01 12:0 a.m.59 views

CentOS 7 : libxml2 (CESA-2015:0749)

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...

4.3CVSS6.9AI score0.081EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/04/01 12:0 a.m.30 views

CentOS Update for libxml2 CESA-2015:0749 centos7

Check the version of libxml2 SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882149";...

4.3CVSS6.9AI score0.081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.22 views

Oracle Linux 7 : libxml2 (ELSA-2015-0749)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0749 advisory. - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities rhbz1195649 Tenable has extracted the preceding...

5CVSS7AI score0.081EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.33 views

Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20150330)

It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...

4.3CVSS7AI score0.081EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/03/31 12:0 a.m.23 views

RedHat Update for libxml2 RHSA-2015:0749-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS8.5AI score0.081EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2015/03/30 6:17 a.m.1 views

libxml2: external parameter entity loaded when entity substitution is disabled

It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...

4.3CVSS6.8AI score0.081EPSS
Exploits1References4
Rows per page
Query Builder