16 matches found
MiracleLinux 9 : libxml2-2.9.13-12.el9_6 (AXSA:2025-10724:15)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10724:15 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox...
EUVD-2016-7018
Malware in sbrugna...
Azure Linux 3.0 Security Update: libxml2 (CVE-2025-32415)
The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32415 advisory. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: Fixed...
macOS 13.x < 13.7.5 Multiple Vulnerabilities (122375)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.5. It is, therefore, affected by multiple vulnerabilities: - A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3,...
Use After Free
libxml2 and nokogiri are vulnerable to a Use-After-Free. The vulnerability is due to improper memory handling due to a flaw in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c, which can be exploited when a crafted XML document is validated against an XML schema with...
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
...
CompleteFTP Professional 12.1.3 - Remote Code Execution
Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE-2019-16116...
CVE-2016-6084
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request...
CVE-2016-6084
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request...
Cross site request forgery (csrf)
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request...
CVE-2016-6084
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request...
IBM BigFix Platform 9.x < 9.1.9 / 9.2.x < 9.2.9 / 9.5.x < 9.5.4 Multiple Vulnerabilities
According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.x prior to 9.1.9, 9.2.x prior to 9.2.9, or 9.5.x prior to 9.5.4. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to a...
IBM BigFix Platform Denial of Service Vulnerability
IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A denial of service vulnerability exists in IBM BigFix Platform versions 9.0 and 9.1. An attacker can exploit the vulnerability by sending a specially crafted XMLSche...
IBM BigFix Platform 9.x < 9.1.9.1301 / 9.2.9.36 / 9.5.4.38 Multiple Vulnerabilities
According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.0.x or 9.1.x prior to 9.1.9.1301, 9.2.x prior to 9.2.9.36, or 9.5.x prior to 9.5.4.38. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exist...
Oracle Database Server XDB.DBMS_XMLSCHEMA Buffer Overflow (CVE-2006-0272)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...