
1178 matches found

Tenable Nessus
added 2019/05/15 12:0 a.m., 237 views

EulerOS Virtualization 3.0.1.0 : libxml2 (EulerOS-SA-2019-1559)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs...

7.5 CVSS, 7 AI score, 0.03681 EPSS
Exploits 1, References 5

Veracode
added 2019/05/02 4:52 a.m., 23 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath...

9.3 CVSS, 8.3 AI score, 0.13727 EPSS
Exploits 1, References 22, Affected Software 2

Veracode
added 2019/05/02 4:52 a.m., 40 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service. Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath expression for that application to run...

7.5 CVSS, 8.4 AI score, 0.01991 EPSS
Exploits 0, References 14, Affected Software 2

Veracode
added 2019/05/02 4:52 a.m., 26 views

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service. Remote attackers are able to crash the application due to a double free vulnerability related to XPath handling...

7.5 CVSS, 7.5 AI score, 0.0769 EPSS
Exploits 2, References 28, Affected Software 2

Veracode
added 2019/05/02 4:43 a.m., 31 views

Out-Of-Bounds Read

libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. A heap-based buffer overflow flaw was found in the way libxslt applied templates...

6.8 CVSS, 10 AI score, 0.02467 EPSS
Exploits 1, References 8, Affected Software 1

Tenable Nessus
added 2019/05/01 12:0 a.m., 59 views

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1316)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A null pointer dereference vulnerability exists in the xpath function of libxml2 when parsing invalid XPath expression. Applications processing...

7.5 CVSS, 6.5 AI score, 0.03681 EPSS
Exploits 1, References 4

Tenable Nessus
added 2019/05/01 12:0 a.m., 30 views

EulerOS 2.0 SP2 : libxml2 (EulerOS-SA-2019-1315)

According to the version of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A null pointer dereference vulnerability exists in the xpath function of libxml2 when parsing invalid XPath expression. Applications processing...

7.5 CVSS, 6.9 AI score, 0.03681 EPSS
Exploits 0, References 2

Fedora
added 2019/04/22 5:11 a.m., 19 views

[SECURITY] Fedora 29 Update: libxmlb-0.1.8-2.fc29

XML is slow to parse and strings inside the document cannot be memory mapped as they do not have a trailing NUL char. The libxmlb library takes XML source, and converts it to a structured binary representation with a deduplicated string table -- where the strings have the NULs included. This...

3 AI score
Exploits 0

Hacker One
added 2019/04/02 12:0 a.m., 27 views

Versa Networks: Versa Director is susceptible to Command Injection attacks (e.g., SQL, LDAP, XML, Xpath)

In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a...

10 CVSS, 2.9 AI score, 0.02713 EPSS
Exploits 0

OSV
added 2019/03/21 5:41 p.m., 9 views

SUSE-SU-2019:13985-1 Security update for libxml2

This update for libxml2 fixes the following issues: Security issue fixed: - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046) Other Issue...

7.5 CVSS, 6.5 AI score, 0.03681 EPSS
Exploits 1, References 7

Veracode
added 2019/01/31 2:40 a.m., 13 views

XPath Injection

python-saml is vulnerable to xpath injection attacks. The vulnerability exists as DTD on the fromstring method was not disabled by default, allowing xpath injection attacks...

7 AI score
Exploits 0

OSV
added 2019/01/23 3:50 p.m., 10 views

MGASA-2019-0047 Updated libxml2 packages fix security vulnerabilities

A flaw was found in libxml2 2.9.8. The xz_decomp function in xzlib.c, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (CVE-2018-9251, CVE-2018-14567). A null pointer...

7.5 CVSS, 6.2 AI score, 0.043 EPSS
Exploits 1, References 4

0day.today
added 2019/01/23 12:0 a.m., 33 views

Joomla vWishlist 1.0.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component vWishlist 1.0.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link:...

0.1 AI score
Exploits 0

Exploit DB
added 2019/01/23 12:0 a.m., 248 views

Joomla! Component vWishlist 1.0.1 - SQL Injection

Exploit Title: Joomla! Component vWishlist 1.0.1 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/extension-specific/virtuemart-extensions/vwishlist/ Version: 1.0.1...

7.4 AI score
Exploits 0

Github Security Blog
added 2019/01/17 2:5 p.m., 38 views

Nokogiri NULL Pointer Dereference

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerab...

7.5 CVSS, 7.4 AI score, 0.03681 EPSS
Exploits 0, References 13, Affected Software 1

OSV
added 2019/01/17 2:5 p.m., 43 views

GHSA-6QVP-R6R3-9P7H Nokogiri NULL Pointer Dereference

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerab...

7.5 CVSS, 5.9 AI score, 0.03681 EPSS
Exploits 0, References 12

Fedora
added 2019/01/03 2:27 a.m., 32 views

[SECURITY] Fedora 28 Update: python-lxml-4.2.5-1.fc28

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree API. It extends the ElementTree API significantly to offer support for XPath, Relax NG, XML Schema, XSLT, C14N and much more. To contact the project...

6.1 CVSS, 0.5 AI score, 0.02438 EPSS
Exploits 1

Fedora
added 2018/12/21 7:42 p.m., 29 views

[SECURITY] Fedora 29 Update: python-lxml-4.2.5-1.fc29

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree API. It extends the ElementTree API significantly to offer support for XPath, Relax NG, XML Schema, XSLT, C14N and much more. To contact the project...

6.1 CVSS, 0.5 AI score, 0.02438 EPSS
Exploits 1

CNVD
added 2018/11/28 12:0 a.m., 3 views

Null pointer vulnerability in libxml2 'xpath.c:xmlXPathCompOpEval()' function

Libxml2 is a C-language library developed by the GNOME project team for parsing XML documents, which supports a variety of encoding formats, XPath parsing, well-formedness and validity checking, and so on. A security vulnerability exists in the 'xpath.c:xmlXPathCompOpEval' function in libxml2...

7.5 CVSS, 6.2 AI score, 0.03681 EPSS
Exploits 0, References 1

Fedora
added 2018/11/27 3:31 a.m., 17 views

[SECURITY] Fedora 29 Update: xml-security-c-2.0.2-1.fc29

The xml-security-c library is a C++ implementation of the XML Digital Signature specification. The library makes use of the Apache XML project's Xerces-C XML Parser and Xalan-C XSLT processor. The latter is used for processing XPath and XSLT transforms...

2.9 AI score
Exploits 0