Vulnerabilities > Xmlsoft

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-30560 Use After Free vulnerability in multiple products
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google xmlsoft debian splunk CWE-416
8.8
2021-07-09 CVE-2021-3541 XML Entity Expansion vulnerability in multiple products
A flaw was found in libxml2.
network
low complexity
xmlsoft redhat oracle netapp CWE-776
4.0
2021-06-01 CVE-2021-3516 Use After Free vulnerability in multiple products
There's a flaw in libxml2's xmllint in versions before 2.9.11.
7.8
2021-05-19 CVE-2021-3517 Out-of-bounds Write vulnerability in multiple products
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11.
8.6
2021-05-18 CVE-2021-3518 Use After Free vulnerability in multiple products
There's a flaw in libxml2 in versions before 2.9.11.
8.8
2021-05-14 CVE-2021-3537 NULL Pointer Dereference vulnerability in multiple products
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference.
5.9
2020-09-04 CVE-2020-24977 Out-of-bounds Read vulnerability in multiple products
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.
6.5
2020-01-21 CVE-2020-7595 Infinite Loop vulnerability in multiple products
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
7.5
2020-01-21 CVE-2019-20388 Memory Leak vulnerability in multiple products
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
7.5
2019-12-24 CVE-2019-19956 Memory Leak vulnerability in multiple products
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
7.5