Lucene search
K

6939 matches found

OpenVAS
OpenVAS
added 2014/05/26 12:0 a.m.38 views

RedHat Update for libxml2 RHSA-2014:0513-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.5AI score0.081EPSS
Exploits1References2
Amazon
Amazon
added 2014/05/21 12:0 a.m.53 views

Medium: libxml2

Issue Overview: It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-craft...

4.3CVSS7.6AI score0.081EPSS
Exploits1
Amazon
Amazon
added 2014/05/21 12:0 a.m.40 views

Low: libxml2

Issue Overview: parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state. Affected...

5CVSS7.1AI score0.04733EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/20 12:0 a.m.43 views

CentOS 6 : libxml2 (CESA-2014:0513)

Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS6.9AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/05/20 12:0 a.m.52 views

RHEL 6 : libxml2 (RHSA-2014:0513)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0513 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. It was discovered that libxml2 loaded...

5CVSS7AI score0.081EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2014/05/20 12:0 a.m.36 views

Scientific Linux Security Update : libxml2 on SL6.x i386/x86_64 (20140519)

It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...

5CVSS6.8AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/05/20 12:0 a.m.33 views

Oracle Linux 6 : libxml2 (ELSA-2014-0513)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0513 advisory. - Improve handling of xmlStopParserCVE-2013-2877 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

5CVSS7.1AI score0.081EPSS
Exploits1References3
Cent OS
Cent OS
added 2014/05/19 1:8 p.m.77 views

libxml2 security update

CentOS Errata and Security Advisory CESA-2014:0513 Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

5CVSS6.7AI score0.081EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2014/05/19 11:10 a.m.3 views

libxml2: Out-of-bounds read via a document that ends abruptly

parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state...

5CVSS6.8AI score0.04733EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/05/19 11:10 a.m.49 views

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS6.7AI score0.081EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2014/05/19 11:10 a.m.4 views

libxml2: external parameter entity loaded when entity substitution is disabled

It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...

4.3CVSS6.7AI score0.081EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2014/05/19 12:0 a.m.46 views

libxml2 security update

2.7.6-14.0.1.el65.1 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2-2.7.6-14.el65.1 - Improve handling of xmlStopParserCVE-2013-2877 - Do not fetch external parameter entities CVE-2014-0191...

5CVSS1.9AI score0.081EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/05/19 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-2214-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS8.5AI score0.081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/05/16 12:0 a.m.26 views

Ubuntu 14.04 LTS : libxml2 vulnerability (USN-2214-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2214-1 advisory. Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into...

4.3CVSS6.9AI score0.081EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2014/05/15 5:26 p.m.82 views

USN-2214-1: libxml2 vulnerability

Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service...

4.3CVSS7AI score0.081EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/05/13 12:0 a.m.52 views

FreeBSD : libxml2 -- entity substitution DoS (efdd0edc-da3d-11e3-9ecb-2c4138874f7d)

Stefan Cornelius reports : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substitution in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a...

4.3CVSS6.9AI score0.081EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/05/13 12:0 a.m.24 views

Mandriva Linux Security Advisory : libxml2 (MDVSA-2014:086)

Updated libxml2 packages fix security vulnerability : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote...

4.3CVSS7AI score0.081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/05/13 12:0 a.m.25 views

FreeBSD : libxml2 -- lack of end-of-document check DoS (e7bb3885-da40-11e3-9ecb-2c4138874f7d)

CVE MITRE reports : parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state...

5CVSS6.9AI score0.04733EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2014/05/12 12:0 a.m.13 views

Fedora Update for python-lxml FEDORA-2014-5801

Check for the Version of python-lxml OpenVAS Vulnerability Test Fedora Update for python-lxml FEDORA-2014-5801 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

7.4AI score
Exploits0References2
Mageia
Mageia
added 2014/05/10 7:46 p.m.57 views

Updated libxml2 packages fix CVE-2014-0191

Updated libxml2 packages fix security vulnerability: It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote...

4.3CVSS7.8AI score0.081EPSS
Exploits1References2
Rows per page
Query Builder