Vulnerabilities > Xmlsoft

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-14404 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.
network
low complexity
canonical debian xmlsoft CWE-476
7.5
2018-04-08 CVE-2017-18258 Allocation of Resources Without Limits or Throttling vulnerability in Xmlsoft Libxml2
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
network
low complexity
xmlsoft CWE-770
6.5
2018-04-04 CVE-2018-9251 Infinite Loop vulnerability in multiple products
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
network
high complexity
xmlsoft debian CWE-835
5.3
2018-02-19 CVE-2017-7376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
network
low complexity
xmlsoft google debian CWE-119
critical
9.8
2018-02-19 CVE-2017-7375 XXE vulnerability in multiple products
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes).
network
low complexity
xmlsoft debian google CWE-611
critical
9.8
2018-02-07 CVE-2017-5130 Out-of-bounds Write vulnerability in multiple products
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
network
low complexity
google debian xmlsoft CWE-787
8.8
2017-11-23 CVE-2017-16932 Infinite Loop vulnerability in Xmlsoft Libxml2
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
network
low complexity
xmlsoft CWE-835
7.5
2017-11-23 CVE-2017-16931 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xmlsoft Libxml2
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
network
low complexity
xmlsoft CWE-119
critical
9.8
2017-05-18 CVE-2017-9050 Out-of-bounds Read vulnerability in Xmlsoft Libxml2 2.9.4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c.
network
low complexity
xmlsoft CWE-125
7.5
2017-05-18 CVE-2017-9049 Out-of-bounds Read vulnerability in Xmlsoft Libxml2 2.9.4
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c.
network
low complexity
xmlsoft CWE-125
7.5