Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Siemens (CVE-2025-49796)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

9.1CVSS6.9AI score0.01437EPSS
Exploits0References3
OSV
OSV
added 2026/04/15 12:7 p.m.10 views

RLSA-2026:7675 Important: nodejs24 security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

7.5CVSS6.7AI score0.26356EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.4 views

EulerOS Virtualization 2.12.1 : libxml2 (EulerOS-SA-2026-1442)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an over...

9.1CVSS7.3AI score0.01437EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/02/14 1:57 a.m.32 views

SUSE CVE-2020-37167

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious...

8.6CVSS5.9AI score0.00172EPSS
Exploits0References3
CVE
CVE
added 2026/02/12 10:48 p.m.28 views

CVE-2020-37167

CVE-2020-37167 affects ClamAV before 0.103.0-rc, where the ClamBC bytecode interpreter mishandles function name processing due to weak input validation in function name encoding. This can allow manipulation of bytecode function names and potentially execute malicious bytecode or cause unexpected ...

8.6CVSS6AI score0.00172EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.3 views

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-2301)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML...

9.1CVSS6.8AI score0.01437EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-4063

Malware in sbrugna...

7.8CVSS7.6AI score0.0099EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9807

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01752EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44230

Malicious code in bioql PyPI...

9.8CVSS6.7AI score0.00777EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/30 7:10 a.m.5 views

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

9.1CVSS7.1AI score0.01437EPSS
Exploits0References5
OSV
OSV
added 2025/07/23 8:41 p.m.6 views

CLSA-2025-1753303283 libxml2: Fix of 2 CVEs

CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...

9.1CVSS6.8AI score0.01437EPSS
Exploits0References1
OSV
OSV
added 2025/07/16 8:32 a.m.6 views

CLSA-2025-1752654760 libxml2: Fix of 3 CVEs

CVE-2025-49794: fix use-after-free issue triggered by processing certain elements in input XML file. - CVE-2025-49796: fix memory corruption issue triggered by processing certain sch:name elements in input XML file. - CVE-2025-6021: fix integer overflow in buffer size calculations to prevent...

9.1CVSS7.1AI score0.01437EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.7 views

The vulnerability in the ZendTo web application for transferring files involves an incorrect restriction on the path to the restricted directory. This allows a malicious actor to gain read and write access to data, or cause a service failure.

The vulnerability in the web application for transferring files via ZendTo is related to an incorrect restriction on the path to the restricted directory during the processing of the tmpname parameter. Exploiting this vulnerability can allow an attacker to gain read and modify access to data, or...

6.5CVSS8AI score0.6424EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/17 12:0 a.m.9 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to unlimited resource distribution, allows a hacker to cause a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the unlimited distribution of resources when processing token names. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

6.8CVSS5.5AI score0.00357EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/06/16 3:14 p.m.2 views

CVE-2025-49796

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

9.1CVSS6.9AI score0.01437EPSS
Exploits0References31
RedhatCVE
RedhatCVE
added 2025/05/22 7:15 p.m.11 views

CVE-2021-22671

Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prio...

9.8CVSS7.5AI score0.01752EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.7 views

PT-2024-26403 · Unknown · Campcodes Online Event Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Event Management System version 1.0 Description: A problematic issue has been found in the system, affecting the processing of the file /views/process.php. The manipulation of the name argument leads to cross-site scripting...

5.4CVSS4.3AI score0.00494EPSS
Exploits1References7
OSV
OSV
added 2023/08/09 3:15 p.m.9 views

UBUNTU-CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file...

6.7CVSS6.5AI score0.00664EPSS
Exploits1References13
BDU FSTEC
BDU FSTEC
added 2023/06/20 12:0 a.m.6 views

The vulnerability of Huawei 535-232a router’s micro-programming software, related to access control errors when processing domain names, allows a hacker to intercept packets.

The vulnerability of Huawei 535-232a router’s microprogramming software is related to access control errors during the processing of domain names. Exploiting this vulnerability allows a remote attacker to intercept packets...

8CVSS6.6AI score0.00304EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.5 views

The vulnerability of the Cgo module in the Go programming language, allowing attackers to execute arbitrary code

The vulnerability of the Cgo module in the Go programming language is related to incorrect code generation during the processing of directory names. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.3CVSS7.6AI score0.01708EPSS
Exploits0References9Affected Software3
Rows per page
Query Builder