20 matches found
BIT-JAVA-MIN-2025-24928
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
Astra Linux - уязвимость в libxml2
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
JLSEC-2025-74 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
EUVD-2017-4036
Malware in sbrugna...
CLSA-2025-1742918628 libxml2: Fix of CVE-2025-24928
CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c...
AZL-57031 CVE-2025-24928 affecting package libxml2 for versions less than 2.11.5-4
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
libxml2 安全漏洞
libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 versions prior to 2.12.10 and prior to 2.13.6, which stems from a stack buffer overflow in valid.c and may be...
CVE-2018-9466
In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation...
SUSE CVE-2017-9048
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...
SUSE CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
...
AZL-8862 CVE-2022-23308 affecting package libxml2 for versions less than 2.9.13-1
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
ALPINE-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
DEBIAN-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
UBUNTU-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
libxml2: Stack-based buffer overflow in function xmlSnprintfElementContent
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...
libxml2: Buffer overflow in function xmlSnprintfElementContent
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlenbuf. If the content-type is...
CVE-2017-12464
ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service NULL pointer dereference via vectors involving the keyfile variable...
Stack overflow
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...
Buffer overflow
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlenbuf. If the content-type is...