Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft libxml2 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-4658
xpointer.c in libxml2 prior to 2.9.5 (as used in Apple iOS prior to 10, OS X prior to 10.12, tvOS prior to 10, and watchOS prior to 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote malicious users to execute arbitrary code or cause a ...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Xmlsoft Libxml2
1 Github repository
6.8
CVSSv2
CVE-2016-5131
Use-after-free vulnerability in libxml2 up to and including 2.9.4, as used in Google Chrome prior to 52.0.2743.82, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Google Chrome
Xmlsoft Libxml2
Apple Watchos
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Suse Linux Enterprise 12.0
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-4447
The xmlParseElementDecl function in parser.c in libxml2 prior to 2.9.4 allows context-dependent malicious users to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
Hp Icewall Federation Agent 3.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Apple Itunes 12.4.1
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Mac Os X
Xmlsoft Libxml2
Mcafee Web Gateway
9.3
CVSSv2
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of service (memo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Desktop 7.0
4.3
CVSSv2
CVE-2016-1836
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service via a crafted XML ...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server 7.0
4.3
CVSSv2
CVE-2016-1837
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allow remote malicious users to...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Mac Os X
Apple Watchos
Apple Iphone Os
Apple Tvos
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.5
4.3
CVSSv2
CVE-2016-1838
The xmlPArserPrintFileContextInternal function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a cr...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 7.0
1 EDB exploit
6.8
CVSSv2
CVE-2016-1840
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of s...
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
5
CVSSv2
CVE-2015-8806
dict.c in libxml2 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
Xmlsoft Libxml2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2016-2073
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows malicious users to cause a denial of service (out-of-bounds read) via a crafted XML document.
Xmlsoft Libxml2
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »