Lucene search
K

157 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-4769

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.0113EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/05 7:4 p.m.11 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploi...

9.8CVSS8.6AI score0.73495EPSS
Exploits8Affected Software1
RedHat Linux
RedHat Linux
added 2025/08/13 10:46 a.m.7 views

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

7.5CVSS6.6AI score0.00559EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/13 10:38 a.m.9 views

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

7.5CVSS6.6AI score0.00559EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/12 12:44 p.m.7 views

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

7.5CVSS6.6AI score0.00559EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/12 9:47 a.m.4 views

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

7.5CVSS6.6AI score0.00559EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/08/06 11:45 a.m.5 views

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

7.5CVSS6.6AI score0.00559EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.5 views

NewStart CGSL MAIN 7.02 : libxml2 Multiple Vulnerabilities (NS-SA-2025-0106)

The remote NewStart CGSL host, running version MAIN 7.02, has libxml2 packages installed that are affected by multiple vulnerabilities: - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value...

9.8CVSS6.7AI score0.01364EPSS
Exploits5References15
OpenVAS
OpenVAS
added 2025/07/23 12:0 a.m.7 views

Ubuntu: Security Advisory (USN-7659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.22791EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2025/07/21 12:0 a.m.5 views

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1830)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To exploit thi...

7.5CVSS6.7AI score0.00559EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.3 views

EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-1783)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrec...

7.5CVSS6.7AI score0.00559EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/06/11 12:0 a.m.4 views

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1597)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

9.8CVSS7AI score0.0113EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/06/01 12:0 a.m.20 views

FreeBSD : libxml2 -- Use After Free (bd2af307-3e50-11f0-95d4-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bd2af307-3e50-11f0-95d4-00a098b42aeb advisory. [email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in...

9.8CVSS6.4AI score0.0113EPSS
Exploits0References3
OSV
OSV
added 2025/05/26 5:58 p.m.7 views

CLSA-2025-1748282288 Fix CVE(s): CVE-2025-32414, CVE-2025-32415

SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 SECURITY UPDATE: Heap buffer under-read in XML schema validation -...

7.5CVSS6.9AI score0.00559EPSS
Exploits2References1
OSV
OSV
added 2025/05/07 9:47 p.m.5 views

CLSA-2025-1746654421 libxml2: Fix of CVE-2025-32415

CVE-2025-32415: fix heap-based buffer under-read in xmlSchemaIDCFillNodeTables...

7.5CVSS6.8AI score0.00559EPSS
Exploits1References1
OSV
OSV
added 2025/05/07 9:39 p.m.8 views

CLSA-2025-1746653948 Fix CVE(s): CVE-2025-32414, CVE-2025-32415

SECURITY UPDATE: OOB access in python API - debian/patches/CVE-2025-32414-pre1.patch: fix SAX driver with character streams in python/drvlibxml2.py. - debian/patches/CVE-2025-32414-1.patch: read at most len/4 characters in python/libxml.c. - debian/patches/CVE-2025-32414-2.patch: add a test in...

7.5CVSS7.3AI score0.00559EPSS
Exploits2References1
Veracode
Veracode
added 2025/04/28 5:1 a.m.14 views

Heap-based Buffer Under-read

libxml2.so is vulnerable to a Heap-based buffer under-read. The vulnerability is due to improper handling of identity constraints in the XML schema processing, specifically in the xmlSchemaIDCFillNodeTables function in xmlschemas.c, allows a heap-based buffer under-read when certain identity...

7.5CVSS7.5AI score0.00559EPSS
Exploits1References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/04/28 12:0 a.m.33 views

libxml2 < 2.13.8 / 2.14.x < 2.14.2 Multiple Vulnerabilities (macOS)

The version of libxml2 installed on the remote host is affected by multiple vulnerabilities. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and...

7.5CVSS6.7AI score0.00559EPSS
Exploits2References4
OSV
OSV
added 2025/04/25 5:34 p.m.19 views

MGASA-2025-0139 Updated libxml2 packages fix security vulnerabilities

CVE-2025-32414 Buffer overflow when parsing text streams with Python API CVE-2025-32415 Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables...

7.5CVSS7.7AI score0.00559EPSS
Exploits2References3
Snyk
Snyk
added 2025/04/21 9:55 p.m.3 views

Buffer Under-read

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Buffer Under-read in the xmlSchemaIDCFillNodeTables function. An attacker can cause partial denial of service by by validating a malicious XML document against an XML schema usin...

7.5CVSS6.8AI score0.00559EPSS
Exploits1References2
Rows per page
Query Builder