Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml2 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-1709
Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly prior to 2016-06-10, as used in Google Chrome prior to 52.0.2743.82, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted S...
Google Sfntly -
Google Chrome
8.8
CVSSv3
CVE-2016-1710
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome prior to 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote malicious users to bypass the Same Origin Policy via a crafted w...
Google Chrome
8.8
CVSSv3
CVE-2016-1711
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome prior to 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Google Chrome
8.8
CVSSv3
CVE-2016-5129
Google V8 prior to 5.2.361.32, as used in Google Chrome prior to 52.0.2743.82, does not properly process left-trimmed objects, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript cod...
Google Chrome 51.0.2704.106
Google V8
8.8
CVSSv3
CVE-2016-5131
Use-after-free vulnerability in libxml2 up to and including 2.9.4, as used in Google Chrome prior to 52.0.2743.82, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Google Chrome
Xmlsoft Libxml2
Apple Watchos
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Suse Linux Enterprise 12.0
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2016-5132
The Service Workers subsystem in Google Chrome prior to 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote malicious users to bypass the Same Origin Policy via an https IFRAME elemen...
Google Chrome
8.8
CVSSv3
CVE-2016-5134
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome prior to 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote malicious users to discover credentials by operating a server with a PAC sc...
Google Chrome
8.8
CVSSv3
CVE-2016-5136
Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome prior to 52.0.2743.82 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to script deleti...
Google Chrome
8.8
CVSSv3
CVE-2016-5128
objects.cc in Google V8 prior to 5.2.361.27, as used in Google Chrome prior to 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Google Chrome
Google V8 5.2.360
8.6
CVSSv3
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »