Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-4615
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Mac Os X
Apple Itunes
Apple Icloud
9.8
CVSSv3
CVE-2016-4616
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Apple Itunes
Apple Icloud
9.8
CVSSv3
CVE-2016-4614
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Icloud
Apple Itunes
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
9.8
CVSSv3
CVE-2016-1761
libxml2 in Apple iOS prior to 9.3, OS X prior to 10.11.4, and watchOS prior to 2.2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
Apple Watchos
Apple Iphone Os
Apple Mac Os X
9.6
CVSSv3
CVE-2016-1706
The PPAPI implementation in Google Chrome prior to 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote malicious users to bypass a sandbox protection mechanism via an unexpected...
Google Chrome
9.1
CVSSv3
CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows malicious users to cause a denial of service (buffer over-read) or information disclosure.
Xmlsoft Libxml2 2.9.4
8.8
CVSSv3
CVE-2021-3518
There's a flaw in libxml2 in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...
Xmlsoft Libxml2
Debian Debian Linux 9.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
Oracle Real User Experience Insight 13.5.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
8.8
CVSSv3
CVE-2017-5130
An integer overflow in xmlmemory.c in libxml2 prior to 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote malicious user to potentially exploit heap corruption via a crafted XML file.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Xmlsoft Libxml2
8.8
CVSSv3
CVE-2016-5128
objects.cc in Google V8 prior to 5.2.361.27, as used in Google Chrome prior to 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Google Chrome
Google V8 5.2.360
8.8
CVSSv3
CVE-2016-5129
Google V8 prior to 5.2.361.32, as used in Google Chrome prior to 52.0.2743.82, does not properly process left-trimmed objects, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript cod...
Google Chrome 51.0.2704.106
Google V8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »