Lucene search
+L

183 matches found

CNVD
CNVD
added 2015/12/18 12:0 a.m.4 views

libxml2 Denial of Service Vulnerability (CNVD-2015-08376)

Libxml2 is the GNOME project team developed a C-based language used to parse XML documents library , which supports a variety of encoding formats , Xpath parsing , Well-formed and valid validation and so on. A security vulnerability exists in the 'xmlSAX2TextNode' function in the SAX2.c file of t...

5.8CVSS8.1AI score0.04268EPSS
Exploits0References1
OSV
OSV
added 2015/12/15 9:59 p.m.1 views

DEBIAN-CVE-2015-5312

The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability than CVE-2014-3660...

7.1CVSS9.1AI score0.04537EPSS
Exploits0References1
OSV
OSV
added 2014/11/24 3:59 p.m.5 views

UBUNTU-CVE-2014-1424

apparmorparser in the apparmor package before 2.8.952430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."...

6.4CVSS5.8AI score0.0157EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2014/10/21 7:41 p.m.4 views

wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service application crash via a crafted file...

5CVSS5.9AI score0.03058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/09/26 1:46 a.m.8 views

bash: parser can allow out-of-bounds memory access while handling redir_stack

It was identified that the fixed-sized redirstack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code...

10CVSS7.2AI score0.64336EPSS
Exploits13References4
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.2 views

CVE-2012-1430

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway formerly Webwasher 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03...

4.3CVSS5.7AI score0.96091EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.5 views

CVE-2012-1424

The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal aka Cat QuickHeal 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10...

4.3CVSS5.7AI score0.87443EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.4 views

CVE-2012-1443

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal aka Cat QuickHeal 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0....

4.3CVSS5.7AI score0.99636EPSS
Exploits0References18
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.3 views

CVE-2012-1462

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal aka Cat QuickHeal 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900,...

4.3CVSS5.7AI score0.97903EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.3 views

CVE-2012-1423

The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5,...

4.3CVSS5.7AI score0.89857EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.1 views

CVE-2012-1419

The TAR file parser in ClamAV 0.96.4 and Quick Heal aka Cat QuickHeal 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial aliases character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...

4.3CVSS5.7AI score0.41367EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2012/03/21 10:11 a.m.2 views

CVE-2012-1441

The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e fields. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurr...

4.3CVSS5.7AI score0.70564EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.8 views

apr-util billion laughs attack

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

7.5CVSS7AI score0.52988EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2010/06/22 9:32 p.m.7 views

seamonkey/thunderbird: crash when indexing certain messages with attachments

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted message,...

4.3CVSS7.8AI score0.03186EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.14 views

SuSE 11 Security Update : strongswan (SAT Patch Number 1283)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

5CVSS5.4AI score0.01577EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.19 views

SuSE 10 Security Update : openswan (ZYPP Patch Number 6478)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5CVSS5.4AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/22 12:0 a.m.17 views

openSUSE Security Update : strongswan (strongswan-1281)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...

5CVSS5.4AI score0.01577EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/09/22 12:0 a.m.15 views

openSUSE Security Update : strongswan (strongswan-1281)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...

5CVSS5.4AI score0.01577EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/07/17 1:13 p.m.9 views

Important: Red Hat Security Advisory: httpd22 security update

Updated httpd22 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server...

7.5CVSS6.8AI score0.52988EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.8 views

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

4.3CVSS6AI score0.03485EPSS
Exploits0References4
Rows per page
Query Builder