| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-7499 | 5.0 |
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
|
13-02-2023 - 00:53 | 15-12-2015 - 21:59 | |
| CVE-2015-7500 | 5.0 |
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
|
13-02-2023 - 00:53 | 15-12-2015 - 21:59 | |
| CVE-2015-7497 | 5.0 |
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
|
12-02-2023 - 23:15 | 15-12-2015 - 21:59 | |
| CVE-2015-7498 | 5.0 |
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
|
12-02-2023 - 23:15 | 15-12-2015 - 21:59 | |
| CVE-2015-8710 | 7.5 |
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed H
|
26-02-2020 - 19:19 | 11-04-2016 - 21:59 | |
| CVE-2015-1819 | 5.0 |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
|
27-12-2019 - 16:08 | 14-08-2015 - 18:59 | |
| CVE-2015-8242 | 5.8 |
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive informati
|
08-03-2019 - 16:06 | 15-12-2015 - 21:59 | |
| CVE-2015-7942 | 6.8 |
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via
|
08-03-2019 - 16:06 | 18-11-2015 - 16:59 | |
| CVE-2015-5312 | 7.1 |
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerab
|
08-03-2019 - 16:06 | 15-12-2015 - 21:59 | |
| CVE-2015-8317 | 5.0 |
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds
|
14-09-2017 - 01:29 | 15-12-2015 - 21:59 | |
| CVE-2015-7941 | 4.3 |
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSect
|
14-09-2017 - 01:29 | 18-11-2015 - 16:59 | |
| CVE-2015-8241 | 6.4 |
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML dat
|
14-09-2017 - 01:29 | 15-12-2015 - 21:59 |