26 matches found
CVE-2016-10591
Prince is a Node API for executing XML/HTML to PDF renderer PrinceXML via prince(1) CLI. prince downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled...
libxml2: Heap-based buffer overflow in xmlParseXmlDecl
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash...
libxml2: Heap buffer overflow in xmlParseMisc
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash...
[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23
This library allows you to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTD support; this includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Kaspersky Password Manager - Filter Bypass Vulnerability
Document Title: Kaspersky Password Manager - Filter Bypass Vulnerability. References: http://www.vulnerability-lab.com/getcontent.php?id=674 Download: http://www.vulnerability-lab.com/resources/videos/674.wmv View: http://www.youtube.com/watch?v=8D86ic9opYE Advisory:...
Ewebeditor 2.8.0 Ultimate Edition arbitrary file deletion vulnerability
Author: oldjun. This vulnerability can be very tasteless, or it can be fatal; the key is how you use it! This vulnerability is present in the delete.asp file in the Example\NewsSystem directory, which is an ewebeditor test page that you can go to directly without logging in. See this code: 'The band"|"the string...