Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxml2 2.9.4 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-18258
The xz_head function in xzlib.c in libxml2 prior to 2.9.6 allows remote malicious users to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
Xmlsoft Libxml2
5.5
CVSSv3
CVE-2016-1836
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service via a crafted XML ...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server 7.0
5.5
CVSSv3
CVE-2016-1837
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allow remote malicious users to...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Mac Os X
Apple Watchos
Apple Iphone Os
Apple Tvos
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.5
5.5
CVSSv3
CVE-2016-1838
The xmlPArserPrintFileContextInternal function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a cr...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 7.0
1 EDB exploit
4.7
CVSSv3
CVE-2017-5969
libxml2 2.9.4, when used in recover mode, allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for ma...
Xmlsoft Libxml2 2.9.4
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2