Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
XmlsoftLibxml2*

3 matches found

CVE
CVEadded 2017/11/23 9:29 p.m.234 views

CVE-2017-16931

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.

9.8CVSS8.9AI score0.00462EPSS
CVE
CVEadded 2017/11/23 9:29 p.m.181 views

CVE-2017-16932

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.

7.5CVSS6.7AI score0.01584EPSS
CVE
CVEadded 2017/04/11 4:59 p.m.140 views

CVE-2016-4483

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.

7.5CVSS7.2AI score0.0127EPSS