106 matches found
Astra Linux - уязвимость в libxml2
A issue was discovered in libxml2 before versions 2.11.7 and 2.12.x, and even before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to a use-after-free of the xmlValidatePopElement function...
PT-2026-38830
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...
BIT-JAVA-MIN-2024-25062
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...
BIT-JAVA-2024-25062
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...
PT-2026-38016
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...
PT-2026-37809
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...
📄 libxml2 2.9.14 Remote Code Execution
libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. This version from the author is in the form of a Metasploit module...
📄 libxml2 2.9.14 (2022) Heap Buffer Overflow
libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. ============================================================================================================================================= | Title : libxml2 2.9.14...
Siemens SIMATIC Devices Use After Free (CVE-2024-25062)
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. This plugin only works with Tenable.ot. Please...
JLSEC-2025-87 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElem...
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1597)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...
EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-1637)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...
FreeBSD : libxml2 -- Stack-based Buffer Overflow (fdd02be0-3e50-11f0-95d4-00a098b42aeb)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fdd02be0-3e50-11f0-95d4-00a098b42aeb advisory. [email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflo...
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-1526)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...
Azure Linux 3.0 Security Update: libxml2 (CVE-2025-24928)
The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24928 advisory. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in...
Azure Linux 3.0 Security Update: libxml2 (CVE-2024-25062)
The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25062 advisory. - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader...
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD...
Use-after-free in xmlValidatePopElement() using XMLReader API (CVE-2024-25062)
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...