Advisory ROSA-SA-2025-3109

Software: xmlrpc 3.1.3 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-3.1.3-1.0.1.1.rv3 CVE-ID: CVE-2019-17570 BDU-ID: 2020-01960 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of the Apache XML-RPC library is related to ...

com.exasol:exasol-test-setup-abstraction-java (>=0.3.2 <=1.0.0), com.exasol:extension-manager-integration-test-java (>=0.1.0 <=0.2.0) +3 more potentially affected by CVE-2020-36641 via fr.turri:aXMLRPC (>=1.10.0 <=1.12.0)

fr.turri:aXMLRPC MAVEN version =1.10.0, =0.3.2, =0.1.0, =0.6.2, =1.0.0, =1.0.3 Source cves: CVE-2020-36641 Source advisory: OSV:GHSA-G4R8-28FP-F255...

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...

python2: multiple issues

CVE-2013-1752 denial of service Multiple unbound readline flaws in python stdlib were found, which can lead to excessive memory usage if a malicious or broken server sends excessively long lines without any line breaks. - CVE-2013-1753 denial of service The XMLRPC library is vulnerable to...

MGASA-2014-0139 Updated python package fixes security vulnerabilities

Denial of service flaws due to unbound readline calls in the imaplib, poplib, and smtplib modules CVE-2013-1752. A gzip bomb and unbound read denial of service flaw in python XMLRPC library CVE-2013-1753...

Debian Security Advisory DSA 746-1 (phpgroupware)

The remote host is missing an update to phpgroupware announced via advisory DSA 746-1. OpenVAS Vulnerability Test $Id: deb7461.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 746-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-747-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200705-19 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200705-19 PHP: Multiple vulnerabilities Several vulnerabilities were found in PHP, most of them during the Month Of PHP Bugs MOPB by Stefan Esser. The most severe of these vulnerabilities are integer overflows in wbmp.c from the G...

phpRPC Library rpc_decoder.php decode() Function Arbitrary Code Execution

The remote host has installed on it the phpRPC library, an xmlrpc library written in PHP and bundled with applications such as RunCMS and exoops. The version of phpRPC on the remote host fails to sanitize user input to the 'server.php' script before using it in an 'eval' function, which may allow...

[SECURITY] [DSA 746-1] New packages fix remote command execution in phpgroupware

------------------------------------------------------------------------ Debian Security Advisory DSA 746-1 [email protected] http://www.debian.org/security/ Michael Stone July 13, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

Debian DSA-746-1 : phpgroupware - input validation error

A vulnerability had been identified in the xmlrpc library included with phpgroupware, a web-based application including email, calendar and other groupware functionality. This vulnerability could lead to the execution of arbitrary commands on the server running phpgroupware. The security team is...

Debian DSA-747-1 : egroupware - input validation error

A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware. The old stable distribution woody did not include egroupware. %NASLMINLEVEL 70300 C Tenable Network...