Lucene search
K

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/11/11 2:43 p.m.14 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.307 Vulnerability Details CVEID:CVE-2025-57810 DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in C...

9.8CVSS9.5AI score0.07802EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/17 12:0 a.m.65 views

Oracle HTTP Server (July 2025 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To exploit this, a...

9.8CVSS7.3AI score0.6795EPSS
Exploits5References13
RedHat Linux
RedHat Linux
added 2025/03/11 10:13 a.m.6 views

libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...

7.8CVSS7.5AI score0.00375EPSS
Exploits0References6
Amazon
Amazon
added 2023/10/03 12:0 a.m.32 views

Medium: libxml2

Issue Overview: Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. CVE-2023-39615 Affected Packages: libxml2 Issu...

6.5CVSS7.2AI score0.00667EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.3 views

SUSE CVE-2008-4225

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service infinite loop via a large XML document...

7.8CVSS7AI score0.03207EPSS
Exploits0References4
OSV
OSV
added 2022/08/17 6:50 p.m.14 views

CLSA-2022-1660762248 Fixed 13 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

9.8CVSS7.2AI score0.34174EPSS
Exploits3References1
OSV
OSV
added 2022/08/17 5:26 p.m.13 views

CLSA-2022-1660757175 Fixed 15 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

9.8CVSS7.2AI score0.34174EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2093)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.0363EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2022/06/30 9:3 p.m.5 views

libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write...

6.5CVSS7.2AI score0.0363EPSS
Exploits5References4
UbuntuCve
UbuntuCve
added 2018/12/30 6:29 p.m.21 views

CVE-2018-20593

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

5.5CVSS6.4AI score0.01303EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:38 p.m.26 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server (IHS) affect IBM Security SiteProtector System (CVE-2015-1283, CVE-2015-3183 and CVE-2015-4947)

Summary There are multiple vulnerabilities in IBM HTTP Server IHS that is used by IBM Security SiteProtector System. Vulnerability Details CVEID: CVE-2015-1283 DESCRIPTION: Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89...

9CVSS1AI score0.73327EPSS
Exploits0Affected Software1
Debian CVE
Debian CVE
added 2009/11/03 4:0 p.m.49 views

CVE-2009-3720

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...

5CVSS6.8AI score0.27924EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2008/11/17 4:15 p.m.6 views

libxml2: integer overflow leading to infinite loop in xmlBufferResize

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service infinite loop via a large XML document...

7.8CVSS7.2AI score0.03207EPSS
Exploits0References4
Rows per page
Query Builder