Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxslt vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-4609
libxslt in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Xmlsoft Libxslt
Apple Iphone Os
Apple Tvos
Apple Mac Os X
Apple Watchos
Apple Icloud
Apple Itunes
Fedoraproject Fedora 30
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2016-4607
libxslt in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Xmlsoft Libxslt
Apple Iphone Os
Apple Tvos
Apple Mac Os X
Apple Watchos
Apple Icloud
Apple Itunes
Fedoraproject Fedora 30
7.5
CVSSv2
CVE-2016-4610
libxslt in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Xmlsoft Libxslt
Apple Icloud
Apple Itunes
Fedoraproject Fedora 30
Debian Debian Linux 8.0
5
CVSSv2
CVE-2015-7995
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows malicious users to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Apple Tvos
Xmlsoft Libxslt
4.3
CVSSv2
CVE-2013-4520
xslt.c in libxslt prior to 1.1.25 allows context-dependent malicious users to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.
Xmlsoft Libxslt 0.2.0
Xmlsoft Libxslt 0.3.0
Xmlsoft Libxslt 0.4.0
Xmlsoft Libxslt 0.5.0
Xmlsoft Libxslt 1.0.17
Xmlsoft Libxslt 1.0.18
Xmlsoft Libxslt 1.0.19
Xmlsoft Libxslt 1.0.2
Xmlsoft Libxslt 1.0.32
Xmlsoft Libxslt 1.0.33
Xmlsoft Libxslt 1.0.4
Xmlsoft Libxslt 1.0.5
Xmlsoft Libxslt 1.1.16
Xmlsoft Libxslt 1.1.17
Xmlsoft Libxslt 1.1.18
Xmlsoft Libxslt 1.1.19
Xmlsoft Libxslt 1.1.2
Xmlsoft Libxslt 0.12.0
Xmlsoft Libxslt 0.14.0
Xmlsoft Libxslt 0.6.0
Xmlsoft Libxslt 0.8.0
Xmlsoft Libxslt 1.0.0
5
CVSSv2
CVE-2012-6139
libxslt prior to 1.1.28 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functio...
Xmlsoft Libxslt 1.1.21
Xmlsoft Libxslt 1.1.20
Xmlsoft Libxslt 1.1.13
Xmlsoft Libxslt 1.1.12
Xmlsoft Libxslt 1.1.11
Xmlsoft Libxslt 1.1.4
Xmlsoft Libxslt 1.1.3
Xmlsoft Libxslt 1.0.30
Xmlsoft Libxslt 1.0.29
Xmlsoft Libxslt 1.0.21
Xmlsoft Libxslt 1.0.20
Xmlsoft Libxslt 1.0.13
Xmlsoft Libxslt 1.0.12
Xmlsoft Libxslt 1.0.5
Xmlsoft Libxslt 1.0.4
Xmlsoft Libxslt 0.11.0
Xmlsoft Libxslt 0.10.0
Xmlsoft Libxslt 0.3.0
Xmlsoft Libxslt 0.2.0
Xmlsoft Libxslt 1.1.25
Xmlsoft Libxslt 1.1.24
Xmlsoft Libxslt 1.1.17
4.3
CVSSv2
CVE-2012-2870
libxslt 1.1.26 and previous versions, as used in Google Chrome prior to 21.0.1180.89, does not properly manage memory, which might allow remote malicious users to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XP...
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
Apple Iphone Os 3.0.1
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 1.1.2
Apple Iphone Os 3.1
6.8
CVSSv2
CVE-2012-2871
libxml2 2.9.0-rc1 and previous versions, as used in Google Chrome prior to 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote malicious users to cause a denial of service or possibly have unknown other ...
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
Apple Iphone Os 3.0.1
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 1.1.2
Apple Iphone Os 3.1
1 Article
4.3
CVSSv2
CVE-2011-3970
libxslt, as used in Google Chrome prior to 17.0.963.46, allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome
Xmlsoft Libxslt
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 10
4.3
CVSSv2
CVE-2011-1202
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and previous versions, as used in Google Chrome prior to 10.0.648.127 and other products, allows remote malicious users to obtain potentially sensitive information about heap memory addresses via an XML document...
Google Chrome
Xmlsoft Libxslt
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »