CVE-2019-17626

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

New Bug Found in NSA’s Ghidra Tool

A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Databas...

Medium: libxml2

Issue Overview: xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service...

Design/Logic Flaw

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An...

CVE-2019-16941

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An...

CVE-2019-16941

CVE-2019-16941 affects NSA Ghidra up to 9.0.4. When the experimental mode is enabled, the Read XML Files feature of Bit Patterns Explorer can deserialize a modified XML document (originally produced by DumpFunctionPatternInfoScript) to trigger arbitrary code execution via Java runtime (e.g., Runt...

CVE-2019-16701

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...

CVE-2019-16701

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...

CVE-2019-16701

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.execphp call containing shell metacharacters in a parameter value...

SUSE SLES12 Security Update : python3 (SUSE-SU-2019:2053-2)

This update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document bsc1109847. CVE-2018-1000802: Fixed a comma...

NewStart CGSL MAIN 4.05 : java-1.7.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0105)

The remote NewStart CGSL host, running version MAIN 4.05, has java-1.7.0-openjdk packages installed that are affected by multiple vulnerabilities: - It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to ma...

Design/Logic Flaw

An issue was discovered in the 3CX Phone system web management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF reading local files, outbound HTTP, and outbound DNS...

qt5-qtbase: Double free in QXmlStreamReader

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document...

CVE-2019-10266

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication...

CVE-2019-10266

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication...

SAP HANA Extended Application Services External Entity Injection Vulnerability

SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1685)

According to the version of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libxml2 in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause...

XML External Entities (XXE)

expat is vulnerable to denial of service. Entities expansions are not properly handled unless using the XMLSetEntityDeclHandler function. This allows remote attackers to crash the process, send HTTP requests on behalf of the server or read arbitrary files via a malicious XML document...

CVE-2019-12761

CVE-2019-12761 affects PyXDG prior to 0.26. A code injection issue arises via crafted Python in a Category element of a Menu XML (.menu) file, triggered when XDG_CONFIG_DIRS leads to xdg.Menu.parse. Root cause is lack of sanitization before an eval call in xdg/Menu.py. Various advisories (Debian,...

Out-Of-Bounds Read

PHP is vulnerable to out-of-bounds read attacks. This exists in the phpwddxpushelement function in ext/wddx/wddx.c which allows remote attackers to cause a denial of service or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...