441 matches found
Nmap 安全漏洞
Nmap is an open-source tool for network discovery and security scanning developed by Nmap. Version 7.70 of Nmap contains a security vulnerability. This vulnerability arises from handling malicious XML files containing exponentially growing entity extensions, which can lead to a denial-of-service...
MGASA-2026-0100 Updated polkit-122 packages fix security vulnerability
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write. CVE-2025-7519...
perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files
A flaw was found in XML::Parser, a Perl module for parsing XML. This vulnerability, an off-by-one heap buffer overflow, occurs when processing an XML file with very deep element nesting. A remote attacker could exploit this by providing a specially crafted XML file, potentially leading to memory...
CVE-2026-33908
A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. When ImageMagick processes an XML file with deeply nested structures, the DestroyXMLTree function, which frees memory, is executed recursively without a depth limit. This can lead to the...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2024-34085
A vulnerability has been identified in JT2Go All versions V2312.0001, Teamcenter Visualization V14.1 All versions V14.1.0.13, Teamcenter Visualization V14.2 All versions V14.2.0.10, Teamcenter Visualization V14.3 All versions V14.3.0.7, Teamcenter Visualization V2312 All versions V2312.0001. The...
PT-2025-54222
FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting XSS vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML files containing executable JavaScript. These...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-29824)
In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...
CVE-2025-54967
An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in...
BAE Systems SOCET GXP 安全漏洞
BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software from BAE Systems. A security vulnerability exists in BAE Systems SOCET GXP prior to version 4.6.0.3 that originates from allowing external entities to exist in certain XML-based files, which could lead ...
CVE-2025-54967
An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in...
Exploit for XML Injection (aka Blind XPath Injection) in Google Android
!Screenshot of Android application with title AbxDroppedApk and...
EUVD-2020-23507
Malware in sbrugna...
EUVD-2017-6802
Malware in sbrugna...
EUVD-2018-2930
Malware in sbrugna...
EUVD-2020-17906
Malware in sbrugna...
EUVD-2012-1182
Malware in sbrugna...
EUVD-2018-2686
Malware in sbrugna...
EUVD-2005-2293
Malware in sbrugna...
EUVD-2012-1181
Malware in sbrugna...