
2722 matches found

FreeBSD
added 2016/05/17 12:0 a.m. | 46 views

expat -- denial of service vulnerability on malformed input

Gustavo Grieco reports: The Expat XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial...

CVSS 9.8 | AI score 8.8 | EPSS 0.13335
Exploits: 3 | References: 1
OSV
added 2016/05/17 12:0 a.m. | 3 views

UBUNTU-CVE-2016-3705

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a...

CVSS 7.5 | AI score 7.1 | EPSS 0.05103
Exploits: 0 | References: 4
Tenable Nessus
added 2016/05/17 12:0 a.m. | 26 views

Debian DSA-3579-1 : xerces-c - security update

Gustavo Grieco discovered a use-after-free vulnerability in xerces-c, a validating XML parser library for C++, due to not properly handling invalid characters in XML input documents in the DTDScanner.

CVSS 10 | AI score 8.3 | EPSS 0.06781
Exploits: 0 | References: 4
Debian
added 2016/05/16 7:1 a.m. | 24 views

[SECURITY] [DSA 3579-1] xerces-c security update

Debian Security Advisory DSA-3579-1 | https://www.debian.org/security/ | Salvatore Bonaccorso | May 16, 2016 | https://www.debian.org/security/faq ...

CVSS 10 | AI score 2.2 | EPSS 0.06781
Exploits: 0
OSV
added 2016/05/16 12:0 a.m. | 18 views

DSA-3579-1 xerces-c - security update

Bulletin has no description...

CVSS 10 | AI score 9.5 | EPSS 0.06781
Exploits: 0
OpenVAS
added 2016/05/15 12:0 a.m. | 24 views

Debian: Security Advisory (DSA-3579-1)

The remote host is missing an update for the Debian...

CVSS 10 | AI score 9.6 | EPSS 0.06781
Exploits: 0 | References: 3
FreeBSD
added 2016/05/09 12:0 a.m. | 40 views

xerces-c3 -- multiple vulnerabilities

Apache reports: The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker. Also, CVE-2016-2099: Use-after-free vulnerability in...

CVSS 10 | AI score 6.7 | EPSS 0.14138
Exploits: 0 | References: 2
NVD
added 2016/04/30 10:59 a.m. | 18 views

CVE-2016-1343

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuy39059...

CVSS 10 | AI score 9.3 | EPSS 0.01574
Exploits: 0 | References: 1
CVE
added 2016/04/30 10:0 a.m. | 45 views

CVE-2016-1343

Cisco Information Server (CIS) 6.2 is affected by an XML External Entity (XXE) vulnerability in the XML parser, where external entity declarations combined with an entity reference can allow remote attackers to read arbitrary files or cause a denial of service (CPU/memory). Exploitation details a...

CVSS 10 | AI score 9.2 | EPSS 0.01574
Exploits: 0 | References: 1 | Affected Software: 1
Cisco
added 2016/04/28 3:0 p.m. | 32 views

Cisco Information Server XML Parser Denial of Service Vulnerability

A vulnerability in the default configuration of the XML parser component of Cisco Information Server (CIS) could allow an unauthenticated, remote attacker to access sensitive data or cause excessive consumption of system resources, which could cause a denial of service (DoS) condition on a targeted...

CVSS 6.4 | AI score 9.5 | EPSS 0.01574
Exploits: 0 | References: 1
Fedora
added 2016/04/18 3:51 a.m. | 28 views

[SECURITY] Fedora 22 Update: xerces-c-3.1.3-1.fc22

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

CVSS 9.8 | AI score 1.6 | EPSS 0.09115
Exploits: 0
Fedora
added 2016/04/12 9:47 a.m. | 37 views

[SECURITY] Fedora 24 Update: xerces-c-3.1.3-1.fc24

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

CVSS 9.8 | AI score 1.6 | EPSS 0.09115
Exploits: 0
OSV
added 2016/04/07 9:59 p.m. | 6 views

CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 9.8 | EPSS 0.09115
Exploits: 0 | References: 18
NVD
added 2016/04/07 9:59 p.m. | 13 views

CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 9.8 | EPSS 0.09115
Exploits: 0 | References: 18
OSV
added 2016/04/07 9:59 p.m. | 2 views

DEBIAN-CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 9.6 | EPSS 0.09115
Exploits: 0 | References: 1
Prion
added 2016/04/07 9:59 p.m. | 22 views

Buffer overflow

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 7.5 | AI score 8.2 | EPSS 0.09115
Exploits: 0 | References: 18 | Affected Software: 2
UbuntuCve
added 2016/04/07 9:59 p.m. | 21 views

CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 7.4 | EPSS 0.09115
Exploits: 0 | References: 4
OSV
added 2016/04/07 9:59 p.m. | 3 views

UBUNTU-CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 7.8 | EPSS 0.09115
Exploits: 0 | References: 5
Debian CVE
added 2016/04/07 9:0 p.m. | 29 views

CVE-2016-0729

Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted...

CVSS 9.8 | AI score 7.6 | EPSS 0.09115
Exploits: 0
CVE
added 2016/04/07 9:0 p.m. | 106 views

CVE-2016-0729

CVE-2016-0729 is an Apache Xerces-C XML Parser vulnerability. The issue arises from improper bounds checking during processing and error reporting in Xerces-C, allowing a crafted input document to cause a denial of service (crash) and, in some cases, remote code execution. The base impact is seve...

CVSS 9.8 | AI score 9.7 | EPSS 0.09115
Exploits: 0 | References: 18 | Affected Software: 1