27 matches found
puzzlewebs.cz Cross Site Scripting vulnerability OBB-1334252
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2020-14940
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 .gpx and GP7 .gp tablature files...
OPENSUSE-SU-2020:0210-1 Security update for chromium
This update for chromium fixes the following issues: Chromium was updated to version 80.0.3987.87 boo1162833. Security issues fixed: - CVE-2020-6381: Integer overflow in JavaScript boo1162833. - CVE-2020-6382: Type Confusion in JavaScript boo1162833. - CVE-2019-18197: Multiple vulnerabilities in...
CVE-2019-10172
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes...
USN-3424-1 libxml2 vulnerabilities
It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. CVE-2017-0663 It was discovered that libxml2 did not properly validate parsed entity references. An...
SUSE-SU-2017:1557-1 Security update for libxml2
This update for libxml2 fixes the following issues: Security issues fixed: - CVE-2017-9050: heap-based buffer overflow xmlDictAddString func bsc1039069, bsc1039661 - CVE-2017-9049: heap-based buffer overflow xmlDictComputeFastKey func bsc1039066 - CVE-2017-9048: stack overflow vulnerability...
Ubuntu Update for python-xml vulnerabilities USN-890-4
Ubuntu Update for Linux kernel vulnerabilities USN-890-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN8904.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for python-xml vulnerabilities USN-890-4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...