Lucene search
+L

11 matches found

CVE
CVE
added 2016/09/25 10:0 a.m.418 views

CVE-2016-4658

CVE-2016-4658 affects libxml2 up to version 2.9.4 (and is noted in Apple platforms such as iOS/OS X/watchOS as affected). The issue arises from allowing namespace nodes in XPointer ranges, which can enable a remote attacker to cause arbitrary code execution or a denial of service (use-after-free/...

10CVSS8AI score0.08628EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.189 views

CVE-2016-1839

CVE-2016-1839 involves libxml2 where the xmlDictAddString function in dict.c can cause a heap-based buffer over-read, leading to a denial of service. The issue affects libxml2 up to version 2.9.4 (as used in Apple iOS, macOS, tvOS, watchOS). A later linked entry (CVE-2017-9050) confirms this was ...

5.5CVSS6.4AI score0.07347EPSS
CVE
CVE
added 2016/03/24 1:0 a.m.169 views

CVE-2016-1762

CVE-2016-1762 (and related libxml2 flaws) affects the GNOME libxml2 library where crafted XML input can cause denial of service or code execution. The primary cited issue is a heap-based buffer over-read in xmlNextChar prior to libxml2 2.9.4. Public advisories list multiple CVEs (e.g., 2016-1833/...

8.1CVSS7AI score0.06466EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.156 views

CVE-2016-1834

CVE-2016-1834 describes a heap-based buffer overflow in libxml2's xmlStrncat function prior to 2.9.4, affecting Apple iOS/tvOS/watchOS and OS X before patched versions. Exploitation could lead to remote code execution or memory corruption and potential denial of service when processing crafted XM...

9.3CVSS8.6AI score0.04622EPSS
CVE
CVE
added 2016/04/11 9:0 p.m.153 views

CVE-2015-8710

CVE-2015-8710 affects libxml2: denial of service and possible information disclosure from an out-of-bounds memory access when parsing an unclosed HTML comment. Publicly reported in multiple vendor advisories (IBM IMM/IMM2, RackSwitch, F5 BIG-IP, Rational DOORS, etc.). Remediation across products ...

9.8CVSS9.7AI score0.04925EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.145 views

CVE-2016-1840

CVE-2016-1840: libxml2 contains a heap-based buffer overflow in xmlFAParsePosCharGroup (pre-2.9.4). Affected on Apple iOS (pre-9.3.2), OS X (pre-10.11.5), tvOS (pre-9.2.1), watchOS (pre-2.2.1); can lead to remote code execution or memory corruption. Remediation: upgrade libxml2 to 2.9.4 or later ...

7.8CVSS8.6AI score0.03239EPSS
CVE
CVE
added 2016/04/13 5:0 p.m.144 views

CVE-2015-8806

CVE-2015-8806 — libxml2 heap-buffer overread in dict.c . A remote attacker can crash an affected application by sending a crafted HTML document containing an unexpected character immediately after the "

7.5CVSS7.1AI score0.04964EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.143 views

CVE-2016-1833

CVE-2016-1833 is a libxml2 memory corruption issue where the htmlCurrentChar function can cause a heap-based buffer over-read during parsing of crafted XML. Public details in connected docs indicate affected platforms include Apple iOS, macOS, tvOS, watchOS and related libxml2 usage, with version...

5.5CVSS6.3AI score0.02559EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.143 views

CVE-2016-1836

CVE-2016-1836 is a use-after-free in libxml2 (xmlDictComputeFastKey). Public mentions tie it to libxml2 up to 2.9.4, with affected Apple platforms (iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, watchOS before 2.2.1) and a DoS impact via crafted XML, per vendor advisories. Connected do...

5.5CVSS6.5AI score0.03926EPSS
CVE
CVE
added 2016/05/20 10:0 a.m.141 views

CVE-2016-1837

CVE-2016-1837 is a use-after-free/memory corruption vulnerability in libxml2 affecting the htmlParsePubidLiteral and htmlParseSystemLiteral paths, leading to denial of service. Public references in the Initial document note a MEDIUM (CVSSv3 base 5.5) impact with LOCAL attack vector and user inter...

5.5CVSS6.6AI score0.04092EPSS
CVE
CVE
added 2016/02/12 3:26 p.m.116 views

CVE-2016-2073

CVE-2016-2073 affects libxml2: a vulnerability in htmlParseNameComplex() can cause a heap-based buffer overflow / out-of-bounds read, leading to potential denial of service or code execution when processing a crafted XML file. The connected IBM/IBM Guards pages confirm the issue and list affected...

6.5CVSS7.1AI score0.0231EPSS