The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Apache Xerces-C++

Apache Xerces-C++: NULL pointer dereference via the DTD reference
An attacker can force Apache Xerces-C++ dereference a NULL pointer while processing the path to the external DTD, in order to trigger a denial of service...
CVE-2017-12627, DLA-1328-1, FEDORA-2018-51ce232320, FEDORA-2018-7b97e553ff, openSUSE-SU-2019:1283-1, SUSE-SU-2018:3277-1, SUSE-SU-2019:0977-1, SUSE-SU-2020:2225-1, VIGILANCE-VUL-25404
Apache Xerces-C: denial of service via a deeply nested DTD
An attacker can submit an XML document including a deeply nested DTD to Apache Xerces-C, in order to trigger a denial of service...
1983969, 1984073, 1987066, 1990410, cpujul2018, CVE-2016-4463, DLA-535-1, DSA-3610-1, FEDORA-2016-0a061f6dd9, FEDORA-2016-7615febbd6, FEDORA-2016-84373c5f4f, FEDORA-2016-87e8468465, FEDORA-2016-9284772686, FEDORA-2016-d2d6890690, FEDORA-2018-51ce232320, openSUSE-SU-2016:1808-1, openSUSE-SU-2016:2232-1, RHSA-2018:3335-01, RHSA-2018:3506-01, RHSA-2018:3514-01, SB10276, SOL70191975, SUSE-SU-2018:3277-1, VIGILANCE-VUL-20001
Apache Xerces-C++: use after free via DTDScanner
An attacker can force the usage of a freed memory area in DTDScanner of Apache Xerces-C++, in order to trigger a denial of service, and possibly to run code...
cpujul2018, CVE-2016-2099, DLA-467-1, DSA-3579-1, FEDORA-2016-0a061f6dd9, FEDORA-2016-7615febbd6, FEDORA-2016-84373c5f4f, FEDORA-2016-87e8468465, FEDORA-2016-9284772686, FEDORA-2016-d2d6890690, openSUSE-SU-2016:1744-1, openSUSE-SU-2016:1808-1, openSUSE-SU-2016:2232-1, SOL04253390, VIGILANCE-VUL-19566, XERCESC-2066
Apache Xerces-C: buffer overflow
An attacker can generate a buffer overflow of Apache Xerces-C, in order to trigger a denial of service, and possibly to run code...
1610582, 1983969, 1984073, 1987066, 1990410, 2002647, cpuapr2017, cpuoct2018, CVE-2016-0729, DSA-3493-1, FEDORA-2016-0a061f6dd9, FEDORA-2016-7615febbd6, FEDORA-2016-87e8468465, FEDORA-2016-880b91c090, FEDORA-2016-ae9ac16cf3, openSUSE-SU-2016:0966-1, openSUSE-SU-2016:1121-1, RHSA-2016:0430-01, VIGILANCE-VUL-19033
Apache Xerces-C++: unreachable memory reading via XMLReader.cpp
An attacker can force a read at an invalid address in XMLReader.cpp of Apache Xerces-C++, in order to trigger a denial of service...
cpuoct2018, CVE-2015-0252, DSA-3199-1, FEDORA-2015-4228, FEDORA-2015-4251, FEDORA-2015-4285, FEDORA-2015-4321, openSUSE-SU-2016:0966-1, RHSA-2015:1193-01, VIGILANCE-VUL-16432
Apache Xerces-C++: denial of service via hash collision
An attacker can send data generating storage collisions, in order to overload a service...
787103, CVE-2012-0880, VIGILANCE-VUL-15082
Apache Xerces C++, Python libexpat: denial of service via DTD
An attacker can create an XML DTD containing nested parentheses, in order to generate an infinite loop in Apache Xerces C++ or Python libexpat...
BID-35986, BID-35988, CVE-2009-1885, FEDORA-2009-8305, FEDORA-2009-8332, FEDORA-2009-8345, FEDORA-2009-8350, FICORA #245608, MDVSA-2009:223, MDVSA-2009:223-1, SUSE-SR:2009:014, VIGILANCE-VUL-8926
Our database contains other pages. You can request a free trial to read them.

Display information about Apache Xerces-C++: