CVEs from 2018
Total
2,860
critical
critical 238
high
high 329
medium
medium 260
low
low 39
% Critical
8.3%
% with KEV
3.1%
% with exploit
9.1%
Top vendors
- intel 1,561
- schneider-electric 43
- siemens 42
- rockwellautomation 16
- echelon 15
- redhat 12
- oracle 9
- mitel 8
Top products
- core_i7 379
- core_i5 375
- core_i3 242
- xeon_e5 82
- xeon_e7 62
- xeon_e3 58
- xeon_gold 33
- atom_z 30
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25391 | high | 7.5 | 7.5 | 7d ago | HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticated attackers to delete arbitrary records by sending a crafted request that specifies the target rec… | |||
| CVE-2018-25374 | high | 7.5 | 7.5 | 11d ago | Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers … | |||
| CVE-2018-25368 | high | 7.5 | 7.5 | 11d ago | Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca… | |||
| CVE-2018-25365 | high | 7.5 | 7.5 | 11d ago | PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat… | |||
| CVE-2018-25358 | high | 7.5 | 7.5 | 13d ago | D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST req… | |||
| CVE-2018-25329 | high | 7.5 | 7.5 | 19d ago | WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attack… | |||
| CVE-2018-25326 | high | 7.5 | 7.5 | 19d ago | Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parame… | |||
| CVE-2018-25325 | high | 7.5 | 7.5 | 19d ago | Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through the delete_export_file AJAX … | |||
| CVE-2018-7794 | high | 7.5 | 7.5 | 7y ago | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) … | |||
| CVE-2018-7852 | high | 7.5 | 7.5 | 7y ago | A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private … | |||
| CVE-2018-7821 | high | 7.5 | 7.5 | 7y ago | An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flood… | |||
| CVE-2018-16561 | high | 7.5 | 7.5 | 7y ago | A vulnerability has been identified in SIMATIC S7-300 CPUs (All versions < V3.X.16). The affected CPUs improperly validate S7 communication packets which could cause a Denial-of-Service condition of … | |||
| CVE-2018-17958 | high | 7.5 | 7.5 | 8y ago | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | |||
| CVE-2018-7792 | high | 7.5 | 7.5 | 8y ago | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows una… | |||
| CVE-2018-7789 | high | 7.5 | 7.5 | 8y ago | An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability … | |||
| CVE-2018-12594 | high | 7.5 | 7.5 | 8y ago | Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Pa… | |||
| CVE-2018-3615 | high | 7.3 | 7.3 | 8y ago | Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enc… | |||
| CVE-2018-25431 | high | 7.1 | 7.1 | 3d ago | No-Cms 1.0 contains an SQL injection vulnerability in the order_by parameter of the manage_privilege export endpoint that allows authenticated attackers to manipulate database queries. Attackers can … | |||
| CVE-2018-25430 | high | 7.1 | 7.1 | 3d ago | Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter. Attackers … | |||
| CVE-2018-25429 | high | 7.1 | 7.1 | 3d ago | Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the zProIdPro parameter. Attackers can… | |||
| CVE-2018-25410 | high | 7.1 | 7.1 | 6d ago | SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send G… | |||
| CVE-2018-25392 | high | 7.1 | 7.1 | 7d ago | MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the log_activity f… | |||
| CVE-2018-25381 | high | 7.1 | 7.1 | 11d ago | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec… | |||
| CVE-2018-25380 | high | 7.1 | 7.1 | 11d ago | Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s… | |||
| CVE-2018-25352 | high | 7.1 | 7.1 | 13d ago | WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code th… | |||
| CVE-2018-25347 | high | 7.1 | 7.1 | 13d ago | WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generete_csv_f… | |||
| CVE-2018-25346 | high | 7.1 | 7.1 | 13d ago | WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMa… | |||
| CVE-2018-25319 | high | 7.1 | 7.1 | 19d ago | Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id parameter. Att… | |||
| CVE-2018-25207 | high | 7.1 | 7.1 | 2mo ago | Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POS… | |||
| CVE-2018-25361 | medium | 6.8 | 6.8 | 11d ago | Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption k… | |||
| CVE-2018-10622 | medium | 6.8 | 6.8 | 8y ago | Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data. | |||
| CVE-2018-1124 | medium | — | 6.5 | — | procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can creat… | |||
| CVE-2018-8002 | medium | — | 6.5 | — | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vu… | |||
| CVE-2018-12327 | medium | — | 6.5 | — | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IP… | |||
| CVE-2018-1122 | medium | — | 6.5 | — | procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege esca… | |||
| CVE-2018-15473 | medium | — | 6.5 | — | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, re… | |||
| CVE-2018-20781 | medium | — | 6.5 | — | In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext. | |||
| CVE-2018-1123 | medium | — | 6.5 | — | procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the … | |||
| CVE-2018-25421 | medium | 6.5 | 6.5 | 6d ago | Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules… | |||
| CVE-2018-25393 | medium | 6.5 | 6.5 | 7d ago | Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can se… | |||
| CVE-2018-25312 | medium | 6.5 | 6.5 | 1mo ago | LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interfac… | |||
| CVE-2018-25311 | medium | 6.5 | 6.5 | 1mo ago | VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path trav… | |||
| CVE-2018-13785 | medium | 6.5 | 6.5 | 8y ago | In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG fil… | |||
| CVE-2018-3639 | medium | 5.5 | 6.5 | 8y ago | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of i… | |||
| CVE-2018-25423 | medium | 6.2 | 6.2 | 6d ago | Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 byte… | |||
| CVE-2018-25378 | medium | 6.2 | 6.2 | 11d ago | Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can crea… | |||
| CVE-2018-25369 | medium | 6.2 | 6.2 | 11d ago | Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious p… | |||
| CVE-2018-25367 | medium | 6.2 | 6.2 | 11d ago | NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can tri… | |||
| CVE-2018-25324 | medium | 6.2 | 6.2 | 19d ago | Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspat… | |||
| CVE-2018-25313 | medium | 6.2 | 6.2 | 1mo ago | SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can in… | |||
| CVE-2018-25305 | medium | 6.2 | 6.2 | 1mo ago | librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the… | |||
| CVE-2018-25349 | medium | 6.1 | 6.1 | 13d ago | userSpice 4.3.24 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the X-Forwarded-For HTTP header. Attackers can send crafted requests to the ba… | |||
| CVE-2018-25331 | medium | 6.1 | 6.1 | 19d ago | Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attac… | |||
| CVE-2018-25309 | medium | 6.1 | 6.1 | 1mo ago | MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can creat… | |||
| CVE-2018-25269 | medium | 6.1 | 6.1 | 1mo ago | ICEWARP 10.3.4 and 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed … | |||
| CVE-2018-25247 | medium | 6.1 | 6.1 | 2mo ago | MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that disp… | |||
| CVE-2018-12130 | medium | 5.9 | 5.9 | 7y ago | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure… | |||
| CVE-2018-12127 | medium | 5.6 | 5.6 | 7y ago | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via… | |||
| CVE-2018-12126 | medium | 5.6 | 5.6 | 7y ago | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosu… | |||
| CVE-2018-3646 | medium | 5.6 | 5.6 | 8y ago | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user acc… | |||
| CVE-2018-3620 | medium | 5.6 | 5.6 | 8y ago | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user acc… | |||
| CVE-2018-18520 | medium | — | 5.5 | — | An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes… | |||
| CVE-2018-5736 | medium | — | 5.5 | — | An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. … | |||
| CVE-2018-5738 | medium | — | 5.5 | — | Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND names… | |||
| CVE-2018-20102 | medium | — | 5.5 | — | denial of service in haproxy | |||
| CVE-2018-19532 | medium | — | 5.5 | — | A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It all… | |||
| CVE-2018-16376 | medium | — | 5.5 | — | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may… | |||
| CVE-2018-5309 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerabi… | |||
| CVE-2018-6352 | medium | — | 5.5 | — | In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service … | |||
| CVE-2018-6541 | medium | — | 5.5 | — | In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could lever… | |||
| CVE-2018-19758 | medium | — | 5.5 | — | There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | |||
| CVE-2018-19432 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | |||
| CVE-2018-1126 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | |||
| CVE-2018-11255 | medium | — | 5.5 | — | An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applic… | |||
| CVE-2018-20751 | medium | — | 5.5 | — | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject(… | |||
| CVE-2018-5308 | medium | — | 5.5 | — | PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-… | |||
| CVE-2018-18310 | medium | — | 5.5 | — | An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (applicatio… | |||
| CVE-2018-6542 | medium | — | 5.5 | — | In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. | |||
| CVE-2018-19661 | medium | — | 5.5 | — | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | |||
| CVE-2018-17478 | medium | — | 5.5 | — | information disclosure in chromium | |||
| CVE-2018-14320 | medium | — | 5.5 | — | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must … | |||
| CVE-2018-1301 | medium | — | 5.5 | — | A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerabili… | |||
| CVE-2018-1283 | medium | — | 5.5 | — | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a … | |||
| CVE-2018-1302 | medium | — | 5.5 | — | When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools main… | |||
| CVE-2018-1303 | medium | — | 5.5 | — | A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be u… | |||
| CVE-2018-1312 | medium | — | 5.5 | — | In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster … | |||
| CVE-2018-1125 | medium | — | 5.5 | — | procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is comp… | |||
| CVE-2018-5206 | medium | — | 5.5 | — | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | |||
| CVE-2018-1000007 | medium | — | 5.5 | — | libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the hos… | |||
| CVE-2018-20103 | medium | — | 5.5 | — | denial of service in haproxy | |||
| CVE-2018-1000121 | medium | — | 5.5 | — | A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service | |||
| CVE-2018-6954 | medium | — | 5.5 | — | systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of … | |||
| CVE-2018-12607 | medium | — | 5.5 | — | multiple issues in gitlab | |||
| CVE-2018-7549 | medium | — | 5.5 | — | denial of service in zsh | |||
| CVE-2018-7548 | medium | — | 5.5 | — | denial of service in zsh | |||
| CVE-2018-16866 | medium | — | 5.5 | — | An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Version… | |||
| CVE-2018-12983 | medium | — | 5.5 | — | A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via … | |||
| CVE-2018-17144 | medium | — | 5.5 | — | Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitabl… | |||
| CVE-2018-5709 | medium | — | 5.5 | — | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assig… | |||
| CVE-2018-1311 | medium | — | 5.5 | — | The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library… |