2 matches found
PT-2025-48197
Name of the Vulnerable Software and Affected Versions XML-Sig versions 0.27 through 0.67 Description The Perl module XML-Sig does not correctly validate XML files when signatures are absent. An attacker can remove a signature from an XML document, causing the verification check to pass incorrectl...
SUSE CVE-2020-25652
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...