Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxml2 2.6.26 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2009-2414
Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent malicious users to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion,...
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.10
935
VMScore
CVE-2011-1944
Integer overflow in xpath.c in libxml2 2.6.x up to and including 2.6.32 and 2.7.x up to and including 2.7.8, and libxml 1.8.16 and previous versions, allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XM...
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.30
Xmlsoft Libxml2 2.6.5
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.9
Xmlsoft Libxml2 2.6.22
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.1
Xmlsoft Libxml2 2.6.0
Xmlsoft Libxml2 2.6.2
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.17
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.3
Xmlsoft Libxml2 2.6.4
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Xmlsoft Libxml2 2.6.20
Xmlsoft Libxml2 2.6.18
Xmlsoft Libxml2 2.6.14
1 EDB exploit
605
VMScore
CVE-2013-0339
libxml2 up to and including 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote malicious users to cause a denial of service (resource consumption), se...
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.8.0
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
383
VMScore
CVE-2013-0338
libxml2 2.9.0 and previous versions allows context-dependent malicious users to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansi...
Xmlsoft Libxml2 1.7.0
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.4.28
Xmlsoft Libxml2 2.4.29
Xmlsoft Libxml2 2.4.22
Xmlsoft Libxml2 2.6.17
Xmlsoft Libxml2 2.4.9
Xmlsoft Libxml2 2.4.8
Xmlsoft Libxml2 2.4.12
Xmlsoft Libxml2 2.4.15
Xmlsoft Libxml2 2.4.14
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 1.7.2
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.4.26
Xmlsoft Libxml2 2.4.27
Xmlsoft Libxml2 2.6.22
Xmlsoft Libxml2 2.4.21
445
VMScore
CVE-2012-0841
libxml2 prior to 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted XML data.
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.6.29
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 1.7.1
Xmlsoft Libxml2 2.7.2
Xmlsoft Libxml2 2.4.21
Xmlsoft Libxml2 2.4.20
Xmlsoft Libxml2 2.3.7
Xmlsoft Libxml2 2.6.17
605
VMScore
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and previous versions, as used in Google Chrome prior to 23.0.1271.91 and other products, allows remote malicious users to cause a denial of service or possibly execute arbitrary code...
Google Chrome 23.0.1271.87
Google Chrome 23.0.1271.58
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Google Chrome 23.0.1271.19
Google Chrome 23.0.1271.51
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Google Chrome 23.0.1271.45
Google Chrome 23.0.1271.18
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Google Chrome 23.0.1271.17
Xmlsoft Libxml2 2.6.11
1 Github repository
383
VMScore
CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent malicious users to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, a...
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.10
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Debian Debian Linux 4.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 3.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Google Chrome
Apple Mac Os X
Apple Safari
Apple Mac Os X Server
Apple Iphone Os
Suse Linux Enterprise Server 9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started