Xmlsoft

Libxml2

106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 8.53%
  • Veröffentlicht 03.10.2008 17:41:40
  • Zuletzt bearbeitet 16.06.2026 22:57:45

libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a c...

Exploit
  • EPSS 23.37%
  • Veröffentlicht 12.09.2008 16:56:20
  • Zuletzt bearbeitet 16.06.2026 22:55:59

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.

  • EPSS 2.51%
  • Veröffentlicht 27.08.2008 20:41:00
  • Zuletzt bearbeitet 16.06.2026 22:55:31

libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.

Exploit
  • EPSS 21.69%
  • Veröffentlicht 01.03.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:48

Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy...

  • EPSS 24.23%
  • Veröffentlicht 15.03.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:57

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

  • EPSS 1.62%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:39

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nes...