Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-2414
Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent malicious users to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion,...
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.10
4.3
CVSSv2
CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent malicious users to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, a...
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.10
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Debian Debian Linux 4.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 3.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Google Chrome
Apple Mac Os X
Apple Safari
Apple Mac Os X Server
Apple Iphone Os
Suse Linux Enterprise Server 9
1.9
CVSSv2
CVE-2019-12400
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader...
Apache Santuario Xml Security For Java
Redhat Jboss Enterprise Application Platform 7.2
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
5 Github repositories
NA
CVE-2023-44483
All versions of Apache Santuario - XML Security for Java before 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are re...
Apache Santuario Xml Security For Java
1 Github repository
NA
CVE-2023-3823
In PHP versions 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly c...
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
NA
CVE-2023-3824
In PHP version 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Php Php
Fedoraproject Fedora 38
Debian Debian Linux 10.0
6 Github repositories
2 Articles
NA
CVE-2023-3247
In PHP versions 8.0.* prior to 8.0.29, 8.1.* prior to 8.1.20, 8.2.* prior to 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it c...
Php Php
NA
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
Xmlsoft Libxml2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3