Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxml2 2.4.19 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2004-0110
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 up to and including 2.6.5 allow remote malicious users to execute arbitrary code via a long URL.
Sgi Propack 2.3
Xmlsoft Libxml2 2.5.4
Xmlsoft Libxml2 2.6.0
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.5
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.6.3
Xmlsoft Libxml2 2.6.4
Sgi Propack 2.4
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.6.1
Xmlsoft Libxml2 2.6.2
1 EDB exploit
6.8
CVSSv2
CVE-2013-0339
libxml2 up to and including 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote malicious users to cause a denial of service (resource consumption), se...
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.8.0
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
4.3
CVSSv2
CVE-2013-0338
libxml2 2.9.0 and previous versions allows context-dependent malicious users to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansi...
Xmlsoft Libxml2 1.7.0
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.4.28
Xmlsoft Libxml2 2.4.29
Xmlsoft Libxml2 2.4.22
Xmlsoft Libxml2 2.6.17
Xmlsoft Libxml2 2.4.9
Xmlsoft Libxml2 2.4.8
Xmlsoft Libxml2 2.4.12
Xmlsoft Libxml2 2.4.15
Xmlsoft Libxml2 2.4.14
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 1.7.2
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.4.26
Xmlsoft Libxml2 2.4.27
Xmlsoft Libxml2 2.6.22
Xmlsoft Libxml2 2.4.21
5
CVSSv2
CVE-2012-0841
libxml2 prior to 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted XML data.
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
Xmlsoft Libxml2 2.6.17
6.8
CVSSv2
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and previous versions, as used in Google Chrome prior to 23.0.1271.91 and other products, allows remote malicious users to cause a denial of service or possibly execute arbitrary code...
Google Chrome 23.0.1271.87
Google Chrome 23.0.1271.58
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Google Chrome 23.0.1271.19
Google Chrome 23.0.1271.51
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Google Chrome 23.0.1271.45
Google Chrome 23.0.1271.18
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Google Chrome 23.0.1271.17
Xmlsoft Libxml2 2.6.11
1 Github repository
10
CVSSv2
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote malicious users to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data...
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.9
Xmlstarlet Command Line Xml Toolkit 0.9.1
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Redhat Fedora Core Core 2.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Ubuntu Ubuntu Linux 4.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started