Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-3911
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
Apple Icloud
Apple Itunes
Apple Ipados
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
668
VMScore
CVE-2020-3909
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
Apple Mac Os X
Apple Itunes
Apple Ipados
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Icloud
Oracle Sun Zfs Storage Appliance Kit Software 8.8
668
VMScore
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surfa...
Xmlsoft Libxml2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Google Android 5.1.1
Google Android 6.0.1
Google Android 5.0.2
Google Android 7.1.1
Google Android 7.1.2
Google Android 4.4.4
Google Android 6.0
Google Android 7.0
Xmlsoft Libxml2 2.9.4
668
VMScore
CVE-2017-16931
parser.c in libxml2 prior to 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
Xmlsoft Libxml2
668
VMScore
CVE-2017-10672
Use-after-free in the XML-LibXML module up to and including 2.0129 for Perl allows remote malicious users to execute arbitrary code by controlling the arguments to a replaceChild call.
Xml-libxml Project Xml-libxml
Debian Debian Linux 8.0
Debian Debian Linux 9.0
668
VMScore
CVE-2016-4616
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Apple Itunes
Apple Icloud
668
VMScore
CVE-2016-4614
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Icloud
Apple Itunes
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
668
VMScore
CVE-2016-4615
libxml2 in Apple iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspeci...
Apple Iphone Os
Apple Tvos
Apple Watchos
Apple Mac Os X
Apple Itunes
Apple Icloud
668
VMScore
CVE-2013-1915
ModSecurity prior to 2.7.3 allows remote malicious users to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External ...
Trustwave Modsecurity
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Debian Debian Linux 6.0
Debian Debian Linux 7.0
668
VMScore
CVE-2013-1969
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions...
Xmlsoft Libxml2 2.9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »