|Max CVSS||6.8||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entit
|30-10-2018 - 16:27||25-04-2013 - 23:55|
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
|18-01-2018 - 18:18||09-06-2016 - 16:59|
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute ar
|29-08-2017 - 01:32||28-11-2012 - 01:55|
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing
|08-12-2016 - 03:05||04-11-2014 - 16:55|
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|28-01-2014 - 04:45||27-06-2012 - 10:18|
libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
|28-01-2014 - 04:42||21-12-2012 - 05:46|