EUVD-2019-1325

Malware in sbrugna...

EUVD-2021-31758

Malicious code in bioql PyPI...

Ubuntu 18.04 ESM / 22.04 LTS : SVG++ library vulnerabilities (USN-6178-1)

The remote Ubuntu 18.04 ESM / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6178-1 advisory. It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under...

Debian: Security Advisory (DLA-3376-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3376 : libsvgpp-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3376 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3376-1 [email protected]...

[SECURITY] [DLA 3376-1] svgpp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3376-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky March 31, 2023 https://wiki.debian.org/LTS -...

SUSE CVE-2010-0182

The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictio...

CVE-2022-30633

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the XMLDocument::getRoot function in the renderDocument that handles the XMLDocument object improperly. Remediation There is no fixed version for svgpp. References - GitHub Issue Credit: 001SM...

CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

Null pointer dereference

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

CVE-2021-44960

SVG++ library (svgpp) 1.3.0 is affected by CVE-2021-44960 due to a flawed XMLDocument::getRoot handling in renderDocument, which can prematurely dereference a null pointer. Debian’s DLA-4337-1 fixes this in version 1.3.0+dfsg1-4+deb11u1; Ubuntu advisories also reference the issue. The vulnerabili...

CVE-2018-11210

DISPUTED TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...

. NET advanced code audit（the first lesson）XmlSerializer deserialization vulnerability-vulnerability warning-the black bar safety net

在.NET in the framework of the XmlSerializer class is a great tool, it is a highly structured XML data is mapped to . NET objects. The XmlSerializer class in the program through a single API call to perform the XML document and the object conversion between. The conversion mapping rules in the . N...

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox...

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation

Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox Summary: A number of Partial Trust Windows Runtime classes...