Vulnerabilities (CVE)

Filtered by vendor Xmlsoft Subscribe
Filtered by product Libxml2
Total 93 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3660 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-12 5.0 MEDIUM N/A
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack.
CVE-2015-7500 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2025-04-12 5.0 MEDIUM N/A
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVE-2016-1834 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2025-04-12 9.3 HIGH 7.8 HIGH
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2015-7499 7 Apple, Canonical, Debian and 4 more 15 Iphone Os, Mac Os X, Tvos and 12 more 2025-04-12 5.0 MEDIUM N/A
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2016-4658 2 Apple, Xmlsoft 5 Iphone Os, Mac Os X, Tvos and 2 more 2025-04-12 10.0 HIGH 9.8 CRITICAL
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
CVE-2015-8241 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2025-04-12 6.4 MEDIUM N/A
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2016-4447 8 Apple, Canonical, Debian and 5 more 12 Iphone Os, Itunes, Mac Os X and 9 more 2025-04-12 5.0 MEDIUM 7.5 HIGH
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVE-2015-7498 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2025-04-12 5.0 MEDIUM N/A
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
CVE-2016-4448 9 Apple, Hp, Mcafee and 6 more 21 Icloud, Iphone Os, Itunes and 18 more 2025-04-12 10.0 HIGH 9.8 CRITICAL
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2015-8035 4 Apple, Canonical, Debian and 1 more 7 Iphone Os, Mac Os X, Tvos and 4 more 2025-04-12 2.6 LOW N/A
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
CVE-2016-1836 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2025-04-12 4.3 MEDIUM 5.5 MEDIUM
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.
CVE-2015-6838 2 Php, Xmlsoft 2 Php, Libxml2 2025-04-12 5.0 MEDIUM 7.5 HIGH
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.
CVE-2016-1762 6 Apple, Canonical, Debian and 3 more 15 Iphone Os, Mac Os X, Safari and 12 more 2025-04-12 5.8 MEDIUM 8.1 HIGH
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
CVE-2015-5312 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2025-04-12 7.1 HIGH N/A
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-8806 3 Canonical, Debian, Xmlsoft 3 Ubuntu Linux, Debian Linux, Libxml2 2025-04-12 5.0 MEDIUM 7.5 HIGH
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
CVE-2016-1840 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2025-04-12 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE-2016-1837 6 Apple, Canonical, Debian and 3 more 14 Iphone Os, Mac Os X, Tvos and 11 more 2025-04-12 4.3 MEDIUM 5.5 MEDIUM
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.
CVE-2015-7942 5 Apple, Canonical, Debian and 2 more 9 Iphone Os, Mac Os X, Tvos and 6 more 2025-04-12 6.8 MEDIUM N/A
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
CVE-2015-7941 2 Canonical, Xmlsoft 2 Ubuntu Linux, Libxml2 2025-04-12 4.3 MEDIUM N/A
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
CVE-2016-4449 3 Canonical, Debian, Xmlsoft 3 Ubuntu Linux, Debian Linux, Libxml2 2025-04-12 5.8 MEDIUM 7.1 HIGH
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.