Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2008-4225
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (infinite loop) via a large XML document.
Xmlsoft Libxml 2.7.2
10
CVSSv2
CVE-2008-4226
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Xmlsoft Libxml 2.7.2
5
CVSSv2
CVE-2008-4409
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent malicious users to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML doc...
Xmlsoft Libxml2 2.7.1
Xmlsoft Libxml2 2.7.0
1 EDB exploit
10
CVSSv2
CVE-2008-3529
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 prior to 2.7.0 allows context-dependent malicious users to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Xmlsoft Libxml2
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Apple Mac Os X 10.5.7
Apple Mac Os X
Apple Safari
Apple Iphone Os
1 EDB exploit
4.3
CVSSv2
CVE-2008-3281
libxml2 2.6.32 and previous versions does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document.
Xmlsoft Libxml2
Apple Safari
Apple Iphone Os
Fedoraproject Fedora 9
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 4.7
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Eus 5.2
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
7.5
CVSSv2
CVE-2008-2935
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 up to and including 1.1.24 allow context-dependent malicious users to execu...
Xmlsoft Libxslt 1.1.10
Xmlsoft Libxslt 1.1.11
Xmlsoft Libxslt 1.1.19
Xmlsoft Libxslt 1.1.20
Xmlsoft Libxslt 1.1.14
Xmlsoft Libxslt 1.1.15
Xmlsoft Libxslt 1.1.16
Xmlsoft Libxslt 1.1.23
Xmlsoft Libxslt 1.1.24
Xmlsoft Libxslt 1.1.12
Xmlsoft Libxslt 1.1.13
Xmlsoft Libxslt 1.1.21
Xmlsoft Libxslt 1.1.22
Xmlsoft Libxslt 1.1.17
Xmlsoft Libxslt 1.1.18
Xmlsoft Libxslt 1.1.8
Xmlsoft Libxslt 1.1.9
1 EDB exploit
10
CVSSv2
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote malicious users to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data...
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.9
Xmlstarlet Command Line Xml Toolkit 0.9.1
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Redhat Fedora Core Core 2.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Ubuntu Ubuntu Linux 4.1
1 EDB exploit
7.5
CVSSv2
CVE-2004-0110
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 up to and including 2.6.5 allow remote malicious users to execute arbitrary code via a long URL.
Sgi Propack 2.3
Xmlsoft Libxml2 2.5.4
Xmlsoft Libxml2 2.6.0
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.5
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.6.3
Xmlsoft Libxml2 2.6.4
Sgi Propack 2.4
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.6.1
Xmlsoft Libxml2 2.6.2
1 EDB exploit
9.3
CVSSv2
CVE-2003-1564
libxml2, possibly prior to 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references,...
Xmlsoft Libxml2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8