551 matches found
SUSE CVE-2015-3451
The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...
SUSE CVE-2015-8866
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxmldisableentityloader changes in other threads, which allows remote attackers to conduct XML External Entity XXE and XML Entity Expansion XEE attacks via a crafted XML...
SUSE CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
SUSE CVE-2017-10672
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...
Ubuntu: Security Advisory (USN-2028-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-89-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PYSEC-2022-255
There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...
VTK 代码问题漏洞
VTK is an open source software system for image processing, 3D graphics, body drawing and visualization. VTK suffers from a code issue vulnerability that stems from its IO/Infovis/vtkXMLTreeReader.cxx component not checking the return value of the libxml2 API "xmlDocGetRootElement" and attempting...
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
ALPINE-CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
DEBIAN-CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
Cross site scripting
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
CVE-2016-3709
CVE-2016-3709 is a vulnerability in the libxml2 HTML 4 parser. The issue arises after commit 960f0e2 and enables cross-site scripting. Public advisories confirm impact on libxml2 and list fixed versions: Debian Bullseye fixes in 2.9.10+dfsg-6.7+deb11u5; AlmaLinux notes an XSS fix; Cloud Foundry a...
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
Ubuntu: Security Advisory (USN-5525-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...