Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mini-xml vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification
Mini-xml Project Mini-xml 3.2
5
CVSSv2
CVE-2021-42859
A memory leak issue exists in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release
Mini-xml Project Mini-xml 3.2
4.3
CVSSv2
CVE-2018-20593
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
4.3
CVSSv2
CVE-2018-20592
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
6.8
CVSSv2
CVE-2018-20004
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...
Mini-xml Project Mini-xml 2.12
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
4.3
CVSSv2
CVE-2018-20005
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.1
CVSSv2
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xml
Mini-xml Project Mini-xml 2.9
Debian Debian Linux 8.0
7.1
CVSSv2
CVE-2016-4571
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xml
Mini-xml Project Mini-xml 2.9
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started