USN-8022-2 expat vulnerabilities

USN-8022-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Expat incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a...

CVE-2023-53309 drm/radeon: Fix integer overflow in radeon_cs_parser_init

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeoncsparserinit The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size = sizeofuint32t, will cause uninitialized memory to be...

SUSE CVE-2016-2175

Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted PDF...

TwelveMonkeys ImageIO 代码问题漏洞

TwelveMonkeys ImageIO is an add-on plug-in and extension for ImageIO for Java from the Norwegian individual developer Harald Kuhr. A security vulnerability exists in TwelveMonkeys ImageIO versions prior to 3.7.1, which stems from an insecure initialization of the XML parser that reads XMP metadat...

DEBIAN-CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

GHSA-C9JJ-3WVG-Q65H Vulnerability that affects org.apache.pdfbox:pdfbox

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted XFDF...