Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ezxml project ezxml vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-20006
An issue exists in ezXML 0.8.3 up to and including 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault.
Ezxml Project Ezxml
4.3
CVSSv2
CVE-2022-30045
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
Ezxml Project Ezxml 0.8.6
4.3
CVSSv2
CVE-2021-31347
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
5
CVSSv2
CVE-2021-31598
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2021-30485
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2021-31348
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure).
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2021-31229
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2