Astra Linux - уязвимость в libxml2

A vulnerability was discovered in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to create a malicious XML input file that can cause libxml to crash, resulting in a denial of service or other undefined...

UBUNTU-CVE-2025-69194

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

CVE-2025-69194 Wget2: arbitrary file write via metalink path traversal in gnu wget2

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

CLSA-2025-1753377886 libxml2: Fix of 2 CVEs

CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...

SUSE CVE-2025-49796

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

PT-2023-9148 · Unknown · Sante Pacs Server

Name of the Vulnerable Software and Affected Versions: Sante PACS Server PG affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server PG. Authentication is not required to exploit this issue. The specif...

Android Wi-Fi File Elevation of Privilege Vulnerability

Android is an open source operating system based on Linux. A security vulnerability in the server/wifi/anqp/VenueNameElement.java file in Android's Wi-Fi allows remote attackers to exploit the vulnerability to build malicious applications with elevated privileges...

CVE-2016-3882

Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service reboot via an access point that provides a crafted 1 Venue Group or 2 Venue Type value, aka internal bug 29464811...

CVE-2008-3733

Stack-based buffer overflow in EO Video eo-video 1.36 allows remote attackers to cause a denial of service application crash or execute arbitrary code via a .eop aka playlist file with a ProjectElement element that contains a long Name element...