Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-18258
The xz_head function in xzlib.c in libxml2 prior to 2.9.6 allows remote malicious users to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
Xmlsoft Libxml2
6.5
CVSSv3
CVE-2016-2073
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows malicious users to cause a denial of service (out-of-bounds read) via a crafted XML document.
Xmlsoft Libxml2
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
6.5
CVSSv3
CVE-2009-2416
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent malicious users to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, a...
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.32
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.10
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Debian Debian Linux 4.0
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 3.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Google Chrome
Apple Mac Os X
Apple Safari
Apple Mac Os X Server
Apple Iphone Os
Suse Linux Enterprise Server 9
6.5
CVSSv3
CVE-2008-3281
libxml2 2.6.32 and previous versions does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document.
Xmlsoft Libxml2
Apple Safari
Apple Iphone Os
Fedoraproject Fedora 9
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 4.7
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Eus 5.2
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
6.5
CVSSv3
CVE-2003-1564
libxml2, possibly prior to 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references,...
Xmlsoft Libxml2
6.1
CVSSv3
CVE-2016-3709
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
Xmlsoft Libxml2
5.9
CVSSv3
CVE-2021-3537
A vulnerability found in libxml2 in versions prior to 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the applic...
Xmlsoft Libxml2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Hci H410c Firmware -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Openjdk 8
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Mysql Workbench
Oracle Real User Experience Insight 13.4.1.0
5.5
CVSSv3
CVE-2016-1838
The xmlPArserPrintFileContextInternal function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a cr...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 7.0
1 EDB exploit
5.5
CVSSv3
CVE-2016-1836
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to cause a denial of service via a crafted XML ...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server 7.0
5.5
CVSSv3
CVE-2016-1837
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allow remote malicious users to...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Apple Mac Os X
Apple Watchos
Apple Iphone Os
Apple Tvos
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »