Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ezxml vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-26220
The ezxml_toxml function in ezxml 0.8.6 and previous versions is vulnerable to OOB write when opening XML file after exhausting the memory pool.
Ezxml Project Ezxml
6.5
CVSSv3
CVE-2022-30045
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
Ezxml Project Ezxml 0.8.6
6.5
CVSSv3
CVE-2021-31229
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-31598
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2021-31347
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2021-30485
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2021-31348
An issue exists in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure).
Ezxml Project Ezxml 0.8.6
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2