Lucene search
K

8 matches found

OSV
OSV
added 2024/01/16 12:15 p.m.5 views

USN-6579-2 xerces-c vulnerability

USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. Original advisory details: It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML...

8.1CVSS7.3AI score0.09503EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/11 12:0 a.m.4 views

PT-2023-6251 · Apache +6 · Xerces-C++ +6

Name of the Vulnerable Software and Affected Versions: xerces-c++ version 3.2.3 Description: The issue is caused by an integer overflow in xerces-c++ that allows remote attackers to cause out-of-bound access via an HTTP request. This can potentially allow a remote attacker to execute arbitrary co...

9.8CVSS8.6AI score0.09503EPSS
Exploits1References64
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.10 views

SUSE CVE-2008-4482

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

7.8CVSS6.8AI score0.04183EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.3 views

SUSE CVE-2016-4463

Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD...

7.5CVSS8.7AI score0.14138EPSS
Exploits0References5
OSV
OSV
added 2016/07/08 7:59 p.m.2 views

DEBIAN-CVE-2016-4463

Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD...

7.5CVSS7.5AI score0.14138EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/25 12:0 a.m.5 views

Xerces-C++ XML Parsing Remote Denial of Service Vulnerability

Xerces is promoted by the Apache organization of an XML document parsing open source project . A vulnerability in the processing of XML data in internal/XMLReader.cpp in Apache Xerces-C allows remote attackers to conduct denial-of-service attacks...

5CVSS7AI score0.3969EPSS
Exploits4References1
OSV
OSV
added 2009/08/11 6:30 p.m.4 views

DEBIAN-CVE-2009-1885

Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...

4.3CVSS6.8AI score0.05324EPSS
Exploits1References1
Snyk
Snyk
added 2004/12/31 5:0 a.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service CPU consumption via XML attributes in a crafted XML document. Remediation There is no fixed version for xerces-c. References ...

5.3CVSS6.9AI score0.06192EPSS
Exploits0References2
Rows per page
Query Builder