Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mini-xml vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-42859
A memory leak issue exists in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release
Mini-xml Project Mini-xml 3.2
445
VMScore
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification
Mini-xml Project Mini-xml 3.2
383
VMScore
CVE-2018-20592
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
383
VMScore
CVE-2018-20593
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
606
VMScore
CVE-2018-20004
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...
Mini-xml Project Mini-xml 2.12
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
383
VMScore
CVE-2018-20005
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
632
VMScore
CVE-2016-4571
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xml
Mini-xml Project Mini-xml 2.9
Debian Debian Linux 8.0
632
VMScore
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xml
Mini-xml Project Mini-xml 2.9
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started