CVE-2016-1839: The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1…

CVE-2016-1839 [MEDIUM] CWE-125 GHSA-768p-297v-97cm: The xmlDictAddString function in libxml2 before 2 The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

CVE-2017-9050 [MEDIUM] Out-of-bounds read in nokogiri Out-of-bounds read in nokogiri libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. GitHub is notifying on nokogiri as uses libxml2.

CVE-2017-9050 [MEDIUM] CWE-125 Out-of-bounds read in nokogiri Out-of-bounds read in nokogiri libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. GitHub is notifying on nokogiri as uses libxml2.

CVE-2017-9050 [MEDIUM] CVE-2017-9050: libxml2 20904-GITv2 libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.

CVE-2015-8806 [HIGH] libxml2 vulnerabilities libxml2 vulnerabilities It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into

CVE-2016-1839 [MEDIUM] CVE-2016-1839: The xmlDictAddString function in libxml2 before 2 The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 ICS Advisory ## Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 Release DateDecember 14, 2023 Alert CodeICSA-23-348-10 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF ## 1. EXECUTIVE SUMMARY - CVSS v3 9.8 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Siemens - Equipment: SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1 - Vulnerabilities: Improper Restriction of XML External Entity Reference, Time-of-check Time-of-use (TOCTOU) Race Condition, Command Injection, Miss

CVE-2016-1839 [MEDIUM] CVE-2016-1839: Android Security Bulletin 2017-06-01 CVE: CVE-2016-1839 Severity: MEDIUM Type: DoS Affected AOSP versions: 4 Android Security Bulletin 2017-06-01 CVE: CVE-2016-1839 Severity: MEDIUM Type: DoS Affected AOSP versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 References: A-36553781

CVE-2017-9050 [MEDIUM] CWE-125 libxml2: Heap-based buffer over-read in function xmlDictAddString libxml2: Heap-based buffer over-read in function xmlDictAddString libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix Package: libxml2 (Red Hat Enterprise Linux 6) - Will not fix Package: libxml2 (Red Hat Enterprise Linux 7) - Will not fix Package: libxml2 (Red Hat Enterprise Linux 8) - Not affected Package: mingw-libxml2 (Red Hat Enterprise Linux 8) - Affected Package: libxml2 (Red Hat JBoss Core Services) - Affected Package: libxml2 (Red Hat JBoss Enterprise Web Server 3) - Will not fix

CVE-2017-9050 [MEDIUM] CVE-2017-9050: libxml2 - libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-re... libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. Scope: local bookworm: resolved (fixed in 2.9.4+dfsg1-3.1) bullseye: resolved (fixed in 2.9.4+dfsg1-3.1) forky: resolved (fixed in 2.9.4+dfsg1-3.1) sid: resolved (fixed in 2.9.4+dfsg1-3.1) trixie: resolved (fixed in 2.9.4+dfsg1-3.1)

CVE-2015-8806 [HIGH] libxml2 vulnerabilities Title: libxml2 vulnerabilities Summary: Several security issues were fixed in libxml2. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-1762, CVE-2016-1834) Mateusz Jurczyk discovered that libxml2 incorrectly handled certain malfo

CVE-2016-1839 [MEDIUM] CWE-122 libxml2: Heap-based buffer overread in xmlDictAddString libxml2: Heap-based buffer overread in xmlDictAddString The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Package: libxml2 (Red Hat Enterprise Linux 5) - Will not fix Package: libxml2 (Red Hat JBoss Enterprise Web Server 3) - Affected

CVE-2015-8806 [HIGH] CWE-122 libxml2: heap-buffer overread in dict.c libxml2: heap-buffer overread in dict.c dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document. Statement: This flaw was found to be a duplicate of CVE-2016-1839. Please see https://access.redhat.com/security/cve/CVE-2016-1839 for information about affected products and security errata. Package: libxml2 (Red Hat Enterprise Linux 5) - Not affected Package: libxml2 (Red Hat Enterprise Linux 6) - Not affected Package: libxml2 (Red Hat Enterprise Linux 7) - Not affected

CVE-2016-2073 [MEDIUM] CWE-20 libxml2: out-of-bounds read in htmlParseNameComplex() libxml2: out-of-bounds read in htmlParseNameComplex() The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document. Statement: This flaw was found to be a duplicate of CVE-2016-1839. Please see https://access.redhat.com/security/cve/CVE-2016-1839 for information about affected products and security errata. Package: libxml2 (Red Hat Enterprise Linux 5) - Not affected Package: libxml2 (Red Hat Enterprise Linux 6) - Not affected Package: libxml2 (Red Hat Enterprise Linux 7) - Not affected

CVE-2016-1839 [MEDIUM] CVE-2016-1839: libxml2 - The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS befo... The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Scope: local bookworm: resolved (fixed in 2.9.3+dfsg1-1.1) bullseye: resolved (fixed in 2.9.3+dfsg1-1.1) forky: resolved (fixed in 2.9.3+dfsg1-1.1) sid: resolved (fixed in 2.9.3+dfsg1-1.1) trixie: resolved (fixed in 2.9.3+dfsg1-1.1)

CVE-2016-1839 [MEDIUM] CVE-2016-1839: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1839 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1839 [MEDIUM] CVE-2016-1839: watchOS 2.2.1 Apple Security Update: About the security content of watchOS 2.2.1 Product: watchOS Version: 2.2.1 CVE: CVE-2016-1839 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1839 [MEDIUM] CVE-2016-1839: tvOS 9.2.1 Apple Security Update: About the security content of tvOS 9.2.1 Product: tvOS Version: 9.2.1 CVE: CVE-2016-1839 Component: CVE-ID Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1839 [MEDIUM] CVE-2016-1839: OS X El Capitan v10.11.5 and Security Update 2016-003 Apple Security Update: About the security content of OS X El Capitan v10.11.5 and Security Update 2016-003 Product: OS X El Capitan v10.11.5 and Security Update 2016-003 CVE: CVE-2016-1839 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-1839 libxml2 - xmlDictAddString Heap Buffer Overread libxml2 - xmlDictAddString Heap Buffer Overread --- Source: https://code.google.com/p/google-security-research/issues/detail?id=637 The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint ("$ ./xmllint --html /path/to/file"): --- cut --- ==25920==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x631000010810 at pc 0x0000004a2f25 bp 0x7ffc81805ae0 sp 0x7ffc81805290 READ of size 73661 at 0x631000010810 thread T0 #0 0x4a2f24 in __asan_memcpy llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:393 #1 0xd026b2 in xmlDictAddString libxml2-2.9.3/dict.c:285:5 #2 0xd009e8 in xmlDictLookup libxml2-2.9.3/dict.c:926:11 #3 0x806e4d in htmlParseNameCom

CVE-2017-9050 [MEDIUM] CVE-2017-9050 libxml2: Heap-based buffer over-read in function xmlDictAddString CVE-2017-9050 libxml2: Heap-based buffer over-read in function xmlDictAddString libxml2 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2 to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. References: http://seclists.org/oss-sec/2017/q2/258 Discussion: Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1452550] --- Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1452551] --- Upstream patch: https://gitlab.gnome.org/GNOME/libxml2/commit/45752d2c3

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-a CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE

CVE-2016-1762 [HIGH] CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fe CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 mingw-libxml2: various flaws [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention t

CVE-2016-1839 [MEDIUM] CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString A vulnerability was found in the libxml2 library. A heap-based buffer overread could happen in xmlDictAddString. References: https://bugzilla.gnome.org/show_bug.cgi?id=758605 Upstream fix: https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33 Discussion: *** Bug 1304636 has been marked as a duplicate of this bug. *** --- *** Bug 1301928 has been marked as a duplicate of this bug. *** --- This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 --- Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1349794] --- Created mingw-libxml

CVE-2015-8806 [HIGH] CVE-2015-8806 libxml2: heap-buffer overread in dict.c CVE-2015-8806 libxml2: heap-buffer overread in dict.c A heap-buffer overread vulnerability was found in libxml2. A specially crafted file can cause the application to crash. External bugzilla report with reproducer: https://bugzilla.gnome.org/show_bug.cgi?id=749115 CVE assignment: http://seclists.org/oss-sec/2016/q1/277 Discussion: Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1304638] --- Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1304639] Affects: epel-7 [bug 1304640] --- I believe that this is actually a duplicate of CVE-2016-2073 --- Actually marking this duplicate of CVE-2016-1839, to follow upstream. *** This bug has been marked as a duplicate of bug 1338703 *** --- Statement: This flaw was found to be a du

CVE-2016-2073 [MEDIUM] CVE-2016-2073 libxml2: out-of-bounds read in htmlParseNameComplex() CVE-2016-2073 libxml2: out-of-bounds read in htmlParseNameComplex() An out-of-bounds read flaw was reported in libxml2's htmlParseNameComplex() function: http://seclists.org/oss-sec/2016/q1/199 A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose crash. Discussion: Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1301929] --- Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1301930] Affects: epel-7 [bug 1301931] --- Below is my current understanding of this issue (which, I believe, is identical to 1304636) : The issue is when a word starts with normal ASCII chars and jumps to UTF multibytes chars. The issue is in html

[R2] Nessus 6.10 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man