Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

120 matches found

RedHat Linux
RedHat Linuxadded 2018/08/16 4:6 p.m.1 views

libxml2: Use after free triggered by XPointer paths beginning with range-to

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function...

8.8CVSS7.4AI score0.0369EPSS
Exploits0References5
Fedora
Fedoraadded 2018/08/09 4:53 p.m.46 views

[SECURITY] Fedora 27 Update: libxml2-2.9.8-4.fc27

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

7.5CVSS0.5AI score0.20012EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2018/06/28 12:0 a.m.60 views

EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...

9.8CVSS7.5AI score0.21755EPSS
Exploits0References4
Veracode
Veracodeadded 2018/05/23 5:14 a.m.60 views

Remote Code Execution (RCE)

libxml2.so is vulnerable to remote code execution RCE attacks. The application does not forbid namespace nodes in XPointer ranges, allowing a malicious user to inject and execute arbitrary code...

9.8CVSS9.7AI score0.15391EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessusadded 2018/05/02 12:0 a.m.31 views

EulerOS 2.0 SP1 : libxml2 (EulerOS-SA-2018-1088)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial ...

9.8CVSS7.5AI score0.21755EPSS
Exploits0References4
Fedora
Fedoraadded 2018/02/14 5:11 p.m.46 views

[SECURITY] Fedora 26 Update: libxml2-2.9.7-1.fc26

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

10CVSS0.5AI score0.15391EPSS
Exploits4
Fedora
Fedoraadded 2018/01/30 6:12 p.m.39 views

[SECURITY] Fedora 27 Update: libxml2-2.9.7-1.fc27

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

10CVSS0.5AI score0.15391EPSS
Exploits4
Fedora
Fedoraadded 2017/04/19 9:32 a.m.34 views

[SECURITY] Fedora 25 Update: libxml2-2.9.4-2.fc25

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

10CVSS0.5AI score0.15391EPSS
Exploits11
Fedora
Fedoraadded 2017/04/19 7:53 a.m.49 views

[SECURITY] Fedora 24 Update: libxml2-2.9.4-2.fc24

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

10CVSS0.5AI score0.15391EPSS
Exploits11
ArchLinux
ArchLinuxadded 2016/11/01 12:0 a.m.523 views

[ASA-201611-2] libxml2: arbitrary code execution

Arch Linux Security Advisory ASA-201611-2 ========================================= Severity: Critical Date : 2016-11-01 CVE-ID : CVE-2016-4658 CVE-2016-5131 Package : libxml2 Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...

10CVSS1.1AI score0.15391EPSS
Exploits0References7
Debian
Debianadded 2016/10/31 5:9 p.m.46 views

[SECURITY] [DLA 691-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy7 CVE ID : CVE-2016-4658 CVE-2016-5131 CVE-2016-4658 Namespace nodes must be copied to avoid use-after-free errors. But they dont necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. CVE-2016-5131 The...

10CVSS8.6AI score0.15391EPSS
Exploits0
OSV
OSVadded 2016/10/31 12:0 a.m.39 views

DLA-691-1 libxml2 - security update

Bulletin has no description...

10CVSS7.4AI score0.15391EPSS
Exploits0
OSV
OSVadded 2016/09/25 10:59 a.m.1 views

DEBIAN-CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

9.8CVSS8.5AI score0.15391EPSS
Exploits0References1
OSV
OSVadded 2016/09/25 10:59 a.m.10 views

CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

9.8CVSS7.8AI score
Exploits0References13
NVD
NVDadded 2016/09/25 10:59 a.m.16 views

CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

10CVSS7.9AI score0.15391EPSS
Exploits0References13
Debian CVE
Debian CVEadded 2016/09/25 10:0 a.m.39 views

CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

10CVSS9.2AI score0.15391EPSS
Exploits0
OSV
OSVadded 2016/09/25 12:0 a.m.1 views

UBUNTU-CVE-2016-4658

xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free an...

9.8CVSS7.5AI score0.15391EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 2016/09/25 12:0 a.m.4 views

PT-2016-3342

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.5 Description The issue allows remote attackers to execute arbitrary code or cause a denial of service due to a use-after-free and memory corruption via a crafted XML document. This is because namespace nodes in...

10CVSS7.5AI score0.20012EPSS
Exploits25References114
RedHat Linux
RedHat Linuxadded 2016/07/26 5:18 a.m.2 views

libxml2: Use after free triggered by XPointer paths beginning with range-to

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function...

8.8CVSS7.4AI score0.0369EPSS
Exploits0References5
OSV
OSVadded 2016/07/23 7:59 p.m.1 views

DEBIAN-CVE-2016-5131

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function...

8.8CVSS9.5AI score0.0369EPSS
Exploits0References1
Rows per page
Query Builder