Libxml Security Vulnerabilities and Issues — Libxml CVE List

Lucene search

XmlsoftLibxml

8 matches found

CVE•added 2015/08/14 6:59 p.m.•193 views

CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

5CVSS6.5AI score0.02464EPSS

CVE•added 2011/09/02 4:55 p.m.•128 views

CVE-2011-1944

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when addi...

9.3CVSS8.4AI score0.16509EPSS

CVE•added 2009/08/11 6:30 p.m.•115 views

CVE-2009-2414

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the C...

4.3CVSS6.2AI score0.01069EPSS

CVE•added 2009/08/11 6:30 p.m.•113 views

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Cod...

6.5CVSS6.7AI score0.00296EPSS

CVE•added 2008/11/25 11:30 p.m.•88 views

CVE-2008-4225

Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.

7.8CVSS6.6AI score0.02334EPSS

CVE•added 2008/11/25 11:30 p.m.•63 views

CVE-2008-4226

Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.

10CVSS7.5AI score0.03817EPSS

CVE•added 2005/03/01 5:0 a.m.•57 views

CVE-2004-0989

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly han...

10CVSS6.9AI score0.2823EPSS

CVE•added 2004/03/15 5:0 a.m.•54 views

CVE-2004-0110

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

7.5CVSS6.8AI score0.41518EPSS