CVE-2026-6732
- EPSS 0.63%
- Veröffentlicht 23.04.2026 22:19:34
- Zuletzt bearbeitet 30.06.2026 20:16:50
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious d...
CVE-2026-0992
- EPSS 0.31%
- Veröffentlicht 15.01.2026 14:20:24
- Zuletzt bearbeitet 30.06.2026 20:17:25
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this...
CVE-2026-0989
- EPSS 0.42%
- Veröffentlicht 15.01.2026 14:20:23
- Zuletzt bearbeitet 30.06.2026 20:20:47
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested <include> directives. Specially crafted or overly complex schem...
CVE-2026-0990
- EPSS 0.76%
- Veröffentlicht 15.01.2026 14:20:06
- Zuletzt bearbeitet 30.06.2026 20:18:46
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit th...
CVE-2025-36251
- EPSS 0.51%
- Veröffentlicht 13.11.2025 22:15:51
- Zuletzt bearbeitet 19.11.2025 22:08:07
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was p...
CVE-2025-36096
- EPSS 0.27%
- Veröffentlicht 13.11.2025 22:15:50
- Zuletzt bearbeitet 19.11.2025 22:11:50
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques.
CVE-2025-36236
- EPSS 0.44%
- Veröffentlicht 13.11.2025 22:15:50
- Zuletzt bearbeitet 19.11.2025 22:11:10
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary ...
CVE-2025-36250
- EPSS 0.63%
- Veröffentlicht 13.11.2025 22:15:50
- Zuletzt bearbeitet 19.11.2025 22:08:58
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a v...
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...
CVE-2025-62231
- EPSS 0.28%
- Veröffentlicht 30.10.2025 05:15:39
- Zuletzt bearbeitet 01.07.2026 15:17:04
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...