Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-23807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are...

9.8CVSS7.1AI score0.09503EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/02/29 1:44 a.m.3 views

CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS7.1AI score0.09503EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/02/29 1:44 a.m.9 views

AZL-55898 CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS7AI score0.01482EPSS
Exploits1References1
OSV
OSV
added 2024/02/29 1:44 a.m.8 views

AZL-55883 CVE-2024-23807 affecting package xerces-c for versions less than 3.2.4-2

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS6.8AI score0.01482EPSS
Exploits1References1
OSV
OSV
added 2024/02/29 1:44 a.m.2 views

UBUNTU-CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

9.8CVSS6.8AI score0.01482EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.7 views

PT-2023-15917 · Nuxsmin · Syspass

Name of the Vulnerable Software and Affected Versions: nuxsmin sysPass versions up to 3.2.4 Description: A problematic vulnerability was found in the URL Handler component, leading to cross-site scripting. The attack can be launched remotely. Recommendations: For versions up to 3.2.4, upgrade to...

5.4CVSS6.8AI score0.00522EPSS
Exploits0References8
Snyk
Snyk
added 2019/12/18 8:15 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free. The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current...

9.8CVSS7.2AI score0.09503EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2006/07/06 12:0 a.m.6 views

PT-2006-4252 · Phpsysinfo · Phpsysinfo

Name of the Vulnerable Software and Affected Versions: phpSysInfo versions 2.5.1 through 3.2.4 Description: The issue allows remote attackers to determine the existence of arbitrary files via a .. dot dot sequence and a trailing null %00 byte in the lng parameter. This will display a different...

5CVSS6.6AI score0.05369EPSS
Exploits1References19
Rows per page
Query Builder