Lucene search
K

6939 matches found

RedHat Linux
RedHat Linux
added 2015/03/30 6:17 a.m.42 views

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...

4.3CVSS6.7AI score0.081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.38 views

RHEL 7 : libxml2 (RHSA-2015:0749)

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...

4.3CVSS6.9AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.64 views

Mandriva Linux Security Advisory : libxml2 (MDVSA-2015:111)

Updated libxml2 packages fix security vulnerabilities : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote...

5CVSS6.9AI score0.081EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.39 views

Debian DLA-151-1 : libxml2 security update

It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled. In addition, this update addresses a regression introduced in DSA 3057 b...

5CVSS6.9AI score0.081EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.29 views

Debian DLA-80-1 : libxml2 security update

Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service...

5CVSS6.9AI score0.081EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.31 views

Debian DLA-16-1 : libxml2 security update

Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible...

4.3CVSS6.8AI score0.081EPSS
Exploits1References3
Debian
Debian
added 2015/02/07 4:7 p.m.38 views

[SECURITY] [DLA 151-1] libxml2 security update

Package : libxml2 Version : 2.7.8.dfsg-2+squeeze11 CVE ID : CVE-2014-0191 CVE-2014-3660 Debian Bug : 768089 It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity...

5CVSS6.9AI score0.081EPSS
Exploits2
OSV
OSV
added 2015/02/07 12:0 a.m.35 views

DLA-151-1 libxml2 - security update

Bulletin has no description...

5CVSS6.9AI score0.081EPSS
Exploits2
Debian
Debian
added 2015/02/06 10:40 p.m.40 views

[SECURITY] [DSA 2978-2] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2978-2 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 06, 2015 http://www.debian.org/security/faq -...

5CVSS7.5AI score0.081EPSS
Exploits2
OSV
OSV
added 2015/02/06 12:0 a.m.34 views

DSA-2978-2 libxml2 - security update

Bulletin has no description...

5CVSS6.9AI score0.081EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/01/30 12:0 a.m.41 views

VMware ESXi updates address security issues (VMSA-2015-0001) - Remote Version Check

VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.1CVSS6.2AI score0.99999EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2015/01/30 12:0 a.m.35 views

VMware ESXi updates address security issues (VMSA-2015-0001)

VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.2AI score0.99999EPSS
Exploits8References1
Tenable Nessus
Tenable Nessus
added 2015/01/29 12:0 a.m.107 views

VMSA-2015-0001 : VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues (POODLE)

a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege...

7.1CVSS6.4AI score0.99999EPSS
Exploits8References9
Kaspersky
Kaspersky
added 2015/01/27 12:0 a.m.65 views

KLA10452 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to file write can be exploited locally; 2. Improper input validation...

7.1CVSS8.7AI score0.99999EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2015/01/23 12:0 a.m.48 views

Juniper Junos libxml2 Library Multiple Vulnerabilities (JSA10669)

According to its self-reported version number, the remote Junos device is affected by multiple vulnerabilities in the libxml2 library : - A heap-based buffer overflow vulnerability exists which can result in arbitrary code execution. CVE-2011-1944 - A denial of service vulnerability exists which...

9.3CVSS8.1AI score0.13727EPSS
Exploits2References6
Prion
Prion
added 2015/01/21 2:59 p.m.28 views

Design/Logic Flaw

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

4.3CVSS6.5AI score0.081EPSS
Exploits1References14Affected Software1
NVD
NVD
added 2015/01/21 2:59 p.m.25 views

CVE-2014-0191

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

4.3CVSS7.3AI score0.081EPSS
Exploits1References14
OSV
OSV
added 2015/01/21 2:59 p.m.7 views

CVE-2014-0191

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

6AI score
Exploits0References15
CVE
CVE
added 2015/01/21 2:0 a.m.251 views

CVE-2014-0191

CVE-2014-0191 affects libxml2 up to version 2.9.1, where xmlParserHandlePEReference can load external parameter entities even when entity substitution or validation is disabled. This vulnerability can be exploited by processing crafted XML to cause resource consumption and denial of service in af...

4.3CVSS6.6AI score0.081EPSS
Exploits1References14Affected Software1
Cvelist
Cvelist
added 2015/01/21 2:0 a.m.32 views

CVE-2014-0191

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

6.7AI score0.081EPSS
Exploits1References14
Rows per page
Query Builder