551 matches found
EUVD-2016-4730
Malware in sbrugna...
RockyLinux 10 : libxml2 (RLSA-2025:10630)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10630 advisory. libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Null pointer dereference leads to Denial of service (DoS)...
RockyLinux 9 : libxml2 (RLSA-2025:10699)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10699 advisory. libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)...
EUVD-2017-2319
Malicious code in bioql PyPI...
EUVD-2023-44451
Malicious code in bioql PyPI...
CVE-2025-9714
CVE-2025-9714 affects libxml2 up to and including 2.9.14. The vulnerability arises from uncontrolled recursion in XPath evaluation: xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr reset recursion depth to zero before recursion, enabling stack overflow via crafted expressions. Impact is...
Libxml: null pointer dereference leads to denial of service (dos)
...
K000153130: libxml2 vulnerabilities CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796
Security Advisory Description CVE-2025-49794 A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as...
Linux Distros Unpatched Vulnerability : CVE-2023-3823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, various XML functions rely on libxml global state to track configuration variables...
ROS-20250814-07
A vulnerability in the libxml2 library is related to a use-after-free error in the function xmlXIncludeAddNode in xinclude.c. Exploitation of the vulnerability could allow an attacker acting remotely to compromise a vulnerable system...
RHEL 8 : libxml2 (RHSA-2025:13788)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13788 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in...
libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...
Alibaba Cloud Linux 3 : 0136: libxml2 (ALINUX3-SA-2025:0136)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0136 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-32415: In libxml2 before 2.13.8 and 2.14.x...
Oracle Linux 9 : libxml2 (ELSA-2025-13428)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13428 advisory. - Fix CVE-2025-32415 RHEL-100182. Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
libxml: Heap use after free (UAF) leads to Denial of service (DoS)
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...
RockyLinux 9 : php:8.2 (RLSA-2025:7432)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7432 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd (CVE-2024-8929); php: Single byte overread with convert.quoted-printable-deco...
Libxml: heap use after free (uaf) leads to denial of service (dos)
...
Libxml: type confusion leads to denial of service (dos)
...
Rocky Linux Updates in ASCG 3.3.0
Multiple Rocky Linux updates applied to Brocade ASCG 3.3.0. RockyLinux 8: bzip2 (RLSA-2025:0733): bzip2: bzip2: Data integrity error when decompressing with data integrity tests fail (CVE-2019-12900). RockyLinux 8: pam (RLSA-2024:10379): pam: libpam: Libpam vulnerable to read hashed password (CVE-2024-10041)...
libxml: Type confusion leads to Denial of service (DoS)
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...