17 matches found
MiracleLinux 4 : raptor-1.4.18-5.AXS4.1 (AXSA:2012-453:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-453:01 advisory. Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security issues fixe...
GHSA-2R4H-8JXV-W2J8 CKAN vulnerable to stored XSS in resource description
Impact: The helpers.markdown_extract function did not perform sufficient sanitization of input data before wrapping in an HTML literal element. This helper is used to render user-provided data on dataset, resource, organization or group pages plus any page provided by an extension that used that...
CKAN vulnerable to stored XSS in resource description
Impact: The helpers.markdown_extract function did not perform sufficient sanitization of input data before wrapping in an HTML literal element. This helper is used to render user-provided data on dataset, resource, organization or group pages plus any page provided by an extension that used that...
raptor: integer underflow when normalizing a URI with the turtle parser
A flaw was found in the Raptor RDF syntax library librdf. An integer underflow condition may be triggered when normalizing a URI with the turtle parser. This issue could cause memory corruption or an application crash, leading to a denial of service or other undefined behavior...
Raptor RDF Syntax Library security vulnerability
The Raptor RDF Syntax Library is a Redland Raptor RDF syntax library by Dave Beckett, an individual developer. A security vulnerability exists in Raptor RDF Syntax Library version 2.0.16 and earlier, which stems from a heap buffer over-read when parsing triples using the nquads parser...
UBUNTU-CVE-2023-22665
There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary JavaScript via a SPARQL query...
SUSE CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multip...
SUSE CVE-2012-0037
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document...
PT-2023-18774 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13; Splunk Enterprise versions prior to 8.2.10. Description: The issue concerns the 'createrss' external search command, which overwrites existing Resource Description Format Site Summary (RSS) feeds withou...
CVE-2022-28890
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...
Open-Xchange App Suite 7.8.2 - Cross-Site Scripting
Product: OX App Suite; Vendor: OX Software GmbH; Internal reference: 46484 (Bug ID); Vulnerability type: Cross Site Scripting (CWE-80); Vulnerable version: 7.8.2 and earlier; Vulnerable component: frontend; Report confidence: Confirmed; Solution status: Fixed by Vendor; Fixed version: 7.6.2-rev46, 7.6.3-rev1...
CentOS Update for raptor CESA-2012:0410 centos6
The remote host is missing an update for the...
RedHat Update for raptor RHSA-2012:0410-01
The remote host is missing an update for the...
CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)
VSR Security Advisory http://www.vsecurity.com/ Advisory Name: libraptor - XXE in RDF/XML File Interpretation; Release Date: 2012-03-24; Applications: libraptor / librdf...
PT-2012-1024 · Apache +5 · Openoffice +5
Name of the Vulnerable Software and Affected Versions: Redland Raptor (aka libraptor) versions prior to 2.0.7; LibreOffice versions prior to 3.4.6 and 3.5.x prior to 3.5.1; OpenOffice versions 3.3 and 3.4 Beta. Description: The issue allows user-assisted remote attackers to read arbitrary files via a...
[SECURITY] Fedora 16 Update: shared-desktop-ontologies-0.8.0-1.fc16
The vision of the Social Semantic Desktop defines a user’s personal information environment as a source and end-point of the Semantic Web: Knowledge workers comprehensively express their information and data with respect to their own conceptualizations. Semantic Web languages and protocol...
security flaw
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file...