Linux Distros Unpatched Vulnerability : CVE-2024-23807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are...

SUSE CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...

Xxe

In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests...

Eclipse Sphinx 代码问题漏洞

Eclipse Sphinx is an extensible platform from the Eclipse Foundation that simplifies the creation of integrated modeling tool environments that support a single or multiple modeling languages which can be UML-based or native DSL, with a particular focus on industrial strength and interoperability...

Apache Xerces-C++ Denial of Service Vulnerability

Apache Xerces is an XML syntax parser from the Apache Software Foundation.Apache Xerces-C++ is the language version. A security vulnerability exists in Apache Xerces-C++. A remote attacker can exploit this vulnerability by sending a specially crafted message to the XML service to cause a denial o...

UBUNTU-CVE-2016-0729

Multiple buffer overflows in 1 internal/XMLReader.cpp, 2 util/XMLURL.cpp, and 3 util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service segmentation fault or memory corruption or possibly execute arbitrary code via a crafted...