Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxml2 2.8.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent malicious users to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser....
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Xmlsoft Libxml2 2.9.2
6.8
CVSSv2
CVE-2013-0339
libxml2 up to and including 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote malicious users to cause a denial of service (resource consumption), se...
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.8.0
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
4.3
CVSSv2
CVE-2013-0338
libxml2 2.9.0 and previous versions allows context-dependent malicious users to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansi...
Xmlsoft Libxml2 1.7.0
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.4.28
Xmlsoft Libxml2 2.4.29
Xmlsoft Libxml2 2.4.22
Xmlsoft Libxml2 2.6.17
Xmlsoft Libxml2 2.4.9
Xmlsoft Libxml2 2.4.8
Xmlsoft Libxml2 2.4.12
Xmlsoft Libxml2 2.4.15
Xmlsoft Libxml2 2.4.14
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 1.7.2
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.4.26
Xmlsoft Libxml2 2.4.27
Xmlsoft Libxml2 2.6.22
Xmlsoft Libxml2 2.4.21
5
CVSSv2
CVE-2012-0841
libxml2 prior to 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted XML data.
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
Xmlsoft Libxml2 2.6.17
6.8
CVSSv2
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and previous versions, as used in Google Chrome prior to 23.0.1271.91 and other products, allows remote malicious users to cause a denial of service or possibly execute arbitrary code...
Google Chrome 23.0.1271.87
Google Chrome 23.0.1271.58
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Google Chrome 23.0.1271.19
Google Chrome 23.0.1271.51
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Google Chrome 23.0.1271.45
Google Chrome 23.0.1271.18
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Google Chrome 23.0.1271.17
Xmlsoft Libxml2 2.6.11
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started