USN-8018-3 python2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

CVE-2019-15903

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read...

CVE-2019-1187

A denial of service vulnerability exists when the XmlLite runtime XmlLite.dll improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by...

Security update for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1 (KB4506161)

An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files...

CVE-2019-1079

CVE-2019-1079 affects Microsoft Visual Studio. The vulnerability arises when Visual Studio improperly parses XML input in certain settings files, enabling an XML external entity (XXE) for information disclosure. An attacker who can entice an authenticated user to open a crafted XML file could rea...

Security update for the information disclosure vulnerability in Visual Studio 2013 Update 5 (KB4506163)

An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files...