Lucene search
K

32 matches found

RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.4 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:30 a.m.6 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:9 a.m.3 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 4:37 p.m.5 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 3:22 p.m.5 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 3:9 p.m.2 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

9.8CVSS7.3AI score0.34174EPSS
Exploits0References5
OSV
OSV
added 2020/09/11 8:59 a.m.7 views

SUSE-SU-2020:2609-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun bsc1161521. - CVE-2020-7595: Fixed an infinite loop in an EOF situation bsc1161517. - CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal bsc1176179. - Fixed invali...

7.5CVSS6.9AI score0.07836EPSS
Exploits1References10
OSV
OSV
added 2020/07/06 12:15 p.m.2 views

DEBIAN-CVE-2020-15562

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns aka XML namespace attribute of a HEAD element when an SVG element exists...

6.1CVSS6.8AI score0.02073EPSS
Exploits0References1
OSV
OSV
added 2020/07/04 10:47 p.m.9 views

MGASA-2020-0271 Updated libxml2 packages fix security vulnerability

Updated libxml2 packages fix security vulnerability: The fix for CVE-2019-19956 introduced regressions which can cause invalid xmlns references in output and memory leaks, possibly leading to more serious security issues. The broken fix has been reverted...

7.5CVSS7.7AI score0.05515EPSS
Exploits0References4
CNVD
CNVD
added 2017/08/29 12:0 a.m.6 views

Google Maps Plugin Cross-Site Scripting Vulnerability in Joomla!

Joomla! Google Maps is a Joomla! module or component that displays Google Maps on one or more content pages. A cross-site scripting vulnerability in the Joomla! Google Maps plugin allows remote attackers to inject arbitrary web script or HTML via xmlns parameters...

6.1CVSS6.2AI score0.00762EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/08/28 7:0 p.m.17 views

CVE-2013-7430

Cross-site scripting XSS vulnerability in the Googlemaps plugin before 3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the xmlns parameter...

6.3AI score0.00762EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/02/04 7:34 p.m.4 views

OpenJDK: null xmlns handling issue (Security, 8025026)

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not...

7.5CVSS6.3AI score0.04258EPSS
Exploits1References5
Rows per page
Query Builder