2722 matches found
EulerOS 2.0 SP2 : xerces-c (EulerOS-SA-2018-1101)
According to the versions of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read an...
EulerOS 2.0 SP1 : xerces-c (EulerOS-SA-2018-1100)
According to the versions of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read an...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
Eclipse IDE Eclipse XML Parser External Entity Injection Vulnerability
Eclipse IDE is the Eclipse Foundation's set of integrated development environment . Eclipse XML parser is one of the XML parser . A security vulnerability exists in the Eclipse XML parser in Eclipse IDE 2017.2.5 and earlier versions. An attacker can exploit this vulnerability to perform an XML...
OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
Xxe
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
DEBIAN-CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml...
Monero: Buffer out of bound read in miniupnpc xml parser
Summary: This is a buffer oob read vulnerability in miniupnpc when parsing xml response. This vulnerability could result in denial of service attack in monero client to in local area Network. Description: In miniupnpc, file "Minixml.c": The funnction parseelt: static void parseeltstruct xmlparser...
[SECURITY] [DSA 4175-1] freeplane security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4175-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4175-1] freeplane security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4175-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2018 https://www.debian.org/security/faq -...
Debian DSA-4175-1 : freeplane - security update
Wojciech Regula discovered an XML External Entity vulnerability in the XML Parser of the mindmap loader in freeplane, a Java program for working with mind maps, resulting in potential information disclosure if a malicious mind map file is opened. C Tenable Network Security, Inc. The descriptive...
Server side request forgery (ssrf)
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...
CVE-2017-6323
CVE-2017-6323 affects Symantec Management Console versions prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 and ITMS 7.6_POST_HF7. Root cause is processing XML input with a reference to an external entity by a weakly configured XML parser (XXE). Potential impact includes disclosure of confidential data, ...
Debian: Security Advisory (DLA-1328-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1328-1] xerces-c security update
Package : xerces-c Version : 3.1.1-3+deb7u5 CVE ID : CVE-2017-12627 Debian Bug : 894050 Alberto Garcia, Francisco Oca and Suleman Ali of Offensive Research discovered that the Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while...