VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Xmlsoft
>
Libxml2
> 2.7.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2016-05-16
CVE-2015-6837
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.
network
low complexity
php
xmlsoft
7.5
7.5
2016-04-13
CVE-2015-8806
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
network
low complexity
xmlsoft
canonical
debian
7.5
7.5
2016-04-11
CVE-2015-8710
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
network
low complexity
xmlsoft
debian
CWE-119
critical
9.8
9.8
2016-03-24
CVE-2016-1762
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
network
low complexity
apple
debian
canonical
xmlsoft
redhat
mcafee
CWE-119
8.1
8.1
2016-02-12
CVE-2016-2073
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
network
low complexity
xmlsoft
debian
canonical
CWE-119
6.5
6.5
«
Previous
1
2
3
4
5
(current)
»