|Max CVSS||7.5||Min CVSS||4.3||Total Count||6|
|ID||CVSS||Summary||Last (major) update||Published|
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 188.8.131.52.0, 184.108.40.206, and 220.127.116.11 and other products, loads external parameter entities regardless
|02-01-2017 - 21:59||21-01-2015 - 09:59|
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
|21-12-2016 - 21:59||14-08-2015 - 14:59|
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed H
|29-11-2016 - 22:02||11-04-2016 - 17:59|
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute ar
|27-01-2014 - 23:48||27-11-2012 - 20:55|
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|23-01-2014 - 23:21||07-01-2012 - 06:55|
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
|06-02-2013 - 23:45||19-09-2011 - 08:02|