Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xmlsoft vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-3529
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 prior to 2.7.0 allows context-dependent malicious users to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
Xmlsoft Libxml2
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Apple Mac Os X 10.5.7
Apple Mac Os X
Apple Safari
Apple Iphone Os
1 EDB exploit
1000
VMScore
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote malicious users to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data...
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.9
Xmlstarlet Command Line Xml Toolkit 0.9.1
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.14
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Redhat Fedora Core Core 2.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Ubuntu Ubuntu Linux 4.1
1 EDB exploit
935
VMScore
CVE-2011-1944
Integer overflow in xpath.c in libxml2 2.6.x up to and including 2.6.32 and 2.7.x up to and including 2.7.8, and libxml 1.8.16 and previous versions, allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XM...
Xmlsoft Libxml2 2.6.26
Xmlsoft Libxml2 2.6.30
Xmlsoft Libxml2 2.6.5
Xmlsoft Libxml2 2.6.6
Xmlsoft Libxml2 2.6.13
Xmlsoft Libxml2 2.6.9
Xmlsoft Libxml2 2.6.22
Xmlsoft Libxml2 2.6.27
Xmlsoft Libxml2 2.6.11
Xmlsoft Libxml2 2.6.1
Xmlsoft Libxml2 2.6.0
Xmlsoft Libxml2 2.6.2
Xmlsoft Libxml2 2.6.12
Xmlsoft Libxml2 2.6.17
Xmlsoft Libxml2 2.6.16
Xmlsoft Libxml2 2.6.3
Xmlsoft Libxml2 2.6.4
Xmlsoft Libxml2 2.6.7
Xmlsoft Libxml2 2.6.8
Xmlsoft Libxml2 2.6.20
Xmlsoft Libxml2 2.6.18
Xmlsoft Libxml2 2.6.14
1 EDB exploit
890
VMScore
CVE-2017-7376
Buffer overflow in libxml2 allows remote malicious users to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
Xmlsoft Libxml2
Google Android 7.1.2
Google Android 6.0.1
Google Android 5.0.2
Google Android 5.1.1
Google Android 4.4.4
Google Android 7.1.1
Google Android 7.0
Google Android 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
890
VMScore
CVE-2016-4658
xpointer.c in libxml2 prior to 2.9.5 (as used in Apple iOS prior to 10, OS X prior to 10.12, tvOS prior to 10, and watchOS prior to 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote malicious users to execute arbitrary code or cause a ...
Apple Iphone Os
Apple Mac Os X
Apple Tvos
Apple Watchos
Xmlsoft Libxml2
1 Github repository
890
VMScore
CVE-2008-4226
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Xmlsoft Libxml 2.7.2
828
VMScore
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of service (memo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Desktop 7.0
828
VMScore
CVE-2003-1564
libxml2, possibly prior to 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references,...
Xmlsoft Libxml2
755
VMScore
CVE-2008-2935
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 up to and including 1.1.24 allow context-dependent malicious users to execu...
Xmlsoft Libxslt 1.1.10
Xmlsoft Libxslt 1.1.11
Xmlsoft Libxslt 1.1.19
Xmlsoft Libxslt 1.1.20
Xmlsoft Libxslt 1.1.14
Xmlsoft Libxslt 1.1.15
Xmlsoft Libxslt 1.1.16
Xmlsoft Libxslt 1.1.23
Xmlsoft Libxslt 1.1.24
Xmlsoft Libxslt 1.1.12
Xmlsoft Libxslt 1.1.13
Xmlsoft Libxslt 1.1.21
Xmlsoft Libxslt 1.1.22
Xmlsoft Libxslt 1.1.17
Xmlsoft Libxslt 1.1.18
Xmlsoft Libxslt 1.1.8
Xmlsoft Libxslt 1.1.9
1 EDB exploit
755
VMScore
CVE-2004-0110
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 up to and including 2.6.5 allow remote malicious users to execute arbitrary code via a long URL.
Sgi Propack 2.3
Xmlsoft Libxml2 2.5.4
Xmlsoft Libxml2 2.6.0
Xmlsoft Libxml2 2.5.10
Xmlsoft Libxml2 2.5.11
Xmlsoft Libxml2 2.6.5
Xmlsoft Libxml2 2.4.19
Xmlsoft Libxml2 2.4.23
Xmlsoft Libxml2 2.6.3
Xmlsoft Libxml2 2.6.4
Sgi Propack 2.4
Xmlsoft Libxml 1.8.17
Xmlsoft Libxml2 2.6.1
Xmlsoft Libxml2 2.6.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »