Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxml2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2011-3919
Heap-based buffer overflow in libxml2, as used in Google Chrome prior to 16.0.912.75, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Google Chrome
Apple Iphone Os
Apple Mac Os X
Suse Linux Enterprise Server 10
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Eus 6.3
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
668
VMScore
CVE-2011-2821
Double free vulnerability in libxml2, as used in Google Chrome prior to 13.0.782.215, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
Google Chrome
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 6.3
Apple Iphone Os
Apple Mac Os X
668
VMScore
CVE-2010-4494
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome prior to 8.0.552.215 and other products, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
Google Chrome
Xmlsoft Libxml2
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Suse Linux Enterprise Server 11
Fedoraproject Fedora 14
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Hp Insight Control Server Deployment
Hp Rapid Deployment Pack
Apache Openoffice
632
VMScore
CVE-2021-35550
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows un...
Oracle Openjdk 11.0.12
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Netapp Snapmanager -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Os Controller
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
607
VMScore
CVE-2012-2871
libxml2 2.9.0-rc1 and previous versions, as used in Google Chrome prior to 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote malicious users to cause a denial of service or possibly have unknown other ...
Apple Iphone Os 6.1.2
Apple Iphone Os 3.0
Apple Iphone Os 3.2
Apple Iphone Os 3.1.3
Apple Iphone Os 1.0.2
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os
Apple Iphone Os 2.2
Apple Iphone Os 1.1.1
Apple Iphone Os 6.1.3
Apple Iphone Os 5.1
Apple Iphone Os 4.2.8
Apple Iphone Os 6.0.2
Apple Iphone Os 4.1
Apple Iphone Os 2.0.0
Apple Iphone Os 3.1.2
Apple Iphone Os 3.0.1
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 1.1.2
Apple Iphone Os 3.1
1 Article
606
VMScore
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a s...
Lxml Lxml
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Solidfire -
Netapp Solidfire Enterprise Sds -
Netapp Hci Storage Node Firmware -
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
606
VMScore
CVE-2016-5129
Google V8 prior to 5.2.361.32, as used in Google Chrome prior to 52.0.2743.82, does not properly process left-trimmed objects, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript cod...
Google Chrome 51.0.2704.106
Google V8
606
VMScore
CVE-2016-1710
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome prior to 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote malicious users to bypass the Same Origin Policy via a crafted w...
Google Chrome
606
VMScore
CVE-2016-1711
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome prior to 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Google Chrome
605
VMScore
CVE-2021-3516
There's a flaw in libxml2's xmllint in versions prior to 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
Xmlsoft Xmllint
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Oracle Zfs Storage Appliance Kit 8.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »