CVE-2019-11519

Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE via the "Configurations - Languages - Edit Language - Import Resources - Upload XML file" screen...

EUVD-2018-1829

Malware in sbrugna...

EUVD-2012-0745

Malware in sbrugna...

EUVD-2012-0744

Malware in sbrugna...

Security Bulletin: Denial of Service Security Vulnerability in DB2’s XML Feature. (CVE-2012-0712)

Abstract Vulnerability in IBM DB2’s XML Feature could allow a remote attacker to cause the database server to crash. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0712 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability in DB2’s XML Feature which could allow a malicio...

CVE-2018-1000090

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file...

CVE-2013-3221

The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...

IBM DB2 9.5 < Fix Pack 10 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.5 running on the remote host is affected by one or more of the following issues : - An unspecified information disclosure error exists related to the XML feature that can allow improper access to arbitrary XML files. IC81461, CVE-2012-0713 -...

Design/Logic Flaw

Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors...

CVE-2012-0713

Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors...

IBM DB2 9.8 < Fix Pack 5 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.8 running on the remote host is prior to Fix Pack 5. It is, therefore, affected by multiple vulnerabilities : - An authorized user with 'CONNECT' privileges from 'PUBLIC' can cause a denial of service via unspecified methods related to DB2's...

IBM DB2 XML Feature DoS and CREATE VARIABLE Security Bypass Vulnerabilities

The host is running IBM DB2 and is prone to denial of service and security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2xmldosncreatevarsecbypassvuln.nasl 5999 2017-04-21 09:02:32Z teissa $ IBM DB2 XML Feature DoS and CREATE VARIABLE Security Bypass Vulnerabilities Authors:...

CVE-2012-0712

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service infinite loop by calling the XMLPARSE function with a crafted string expression...

CVE-2012-0712

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service infinite loop by calling the XMLPARSE function with a crafted string expression...

Design/Logic Flaw

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service infinite loop by calling the XMLPARSE function with a crafted string expression...

CVE-2012-0712

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service infinite loop by calling the XMLPARSE function with a crafted string expression...

IBM DB2 9.5 < 9.5 Fix Pack 9 Multiple Vulnerabilities

Binary data 6347.prm...

DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.5 running on the remote host is prior to Fix Pack 9. It is, therefore, affected by the following vulnerabilities : - Incorrect, world-writable file permissions are in place for the file 'NODES.REG'. IC79518 - An unspecified error can allow...