Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-3529
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 prior to 2.7.0 allows context-dependent malicious users to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Xmlsoft Libxml2
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Apple Mac Os X 10.5.7
Apple Mac Os X
Apple Safari
Apple Iphone Os
1 EDB exploit
828
VMScore
CVE-2011-0216
Off-by-one error in libxml in Apple Safari prior to 5.0.6 allows remote malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.
Apple Safari 2.0.1
Apple Safari 1.2.2
Apple Safari 2.0.2
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 1.0.0
Apple Safari 2.0.3
Apple Safari 2.0.4
Apple Safari 2.0
Apple Safari 1.1
Apple Safari 3.2.1
Apple Safari 3.1.0
Apple Safari 3.0.4b
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 3.0
Apple Safari 3.0.3
Apple Safari 5.0
Apple Safari 1.3.2
NA
CVE-2023-3823
In PHP versions 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly c...
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
605
VMScore
CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and previous versions, as used in Google Chrome prior to 23.0.1271.91 and other products, allows remote malicious users to cause a denial of service or possibly execute arbitrary code...
Google Chrome 23.0.1271.87
Google Chrome 23.0.1271.58
Xmlsoft Libxml2 2.2.0
Xmlsoft Libxml2 2.2.2
Google Chrome 23.0.1271.19
Google Chrome 23.0.1271.51
Xmlsoft Libxml2 2.4.30
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 1.8.0
Xmlsoft Libxml2 1.8.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.1.0
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.7
Xmlsoft Libxml2 2.4.17
Xmlsoft Libxml2 2.2.9
Google Chrome 23.0.1271.45
Google Chrome 23.0.1271.18
Xmlsoft Libxml2 2.3.6
Xmlsoft Libxml2 2.6.26
Google Chrome 23.0.1271.17
Xmlsoft Libxml2 2.6.11
1 Github repository
NA
CVE-2023-3824
In PHP version 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
6 Github repositories
2 Articles
NA
CVE-2023-3247
In PHP versions 8.0.* prior to 8.0.29, 8.1.* prior to 8.1.20, 8.2.* prior to 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it c...
Php Php
607
VMScore
CVE-2012-2871
libxml2 2.9.0-rc1 and previous versions, as used in Google Chrome prior to 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote malicious users to cause a denial of service or possibly have unknown other ...
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
Apple Iphone Os 3.0.1
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 1.1.2
Apple Iphone Os 3.1
1 Article
446
VMScore
CVE-2021-21707
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as ...
Php Php
Netapp Clustered Data Ontap -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3