Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-3627 | 5.0 |
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML doc
|
10-02-2024 - 02:43 | 17-05-2016 - 14:08 | |
CVE-2016-4447 | 5.0 |
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
|
12-02-2023 - 23:21 | 09-06-2016 - 16:59 | |
CVE-2016-3705 | 5.0 |
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and applic
|
12-02-2023 - 23:18 | 17-05-2016 - 14:08 | |
CVE-2016-4483 | 5.0 |
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulne
|
29-06-2021 - 15:15 | 11-04-2017 - 16:59 | |
CVE-2015-8806 | 5.0 |
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
|
11-09-2020 - 15:32 | 13-04-2016 - 17:59 | |
CVE-2016-2073 | 4.3 |
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
|
23-04-2020 - 13:14 | 12-02-2016 - 15:59 | |
CVE-2016-1762 | 5.8 |
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
|
26-03-2019 - 17:11 | 24-03-2016 - 01:59 | |
CVE-2016-1840 | 6.8 |
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause
|
25-03-2019 - 17:27 | 20-05-2016 - 10:59 | |
CVE-2016-1839 | 4.3 |
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a craft
|
25-03-2019 - 17:27 | 20-05-2016 - 10:59 | |
CVE-2016-1838 | 4.3 |
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-
|
25-03-2019 - 17:26 | 20-05-2016 - 10:59 | |
CVE-2016-1837 | 4.3 |
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remot
|
25-03-2019 - 17:26 | 20-05-2016 - 10:59 | |
CVE-2016-1836 | 4.3 |
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via
|
25-03-2019 - 17:25 | 20-05-2016 - 10:59 | |
CVE-2016-1834 | 9.3 |
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of
|
25-03-2019 - 17:24 | 20-05-2016 - 10:59 | |
CVE-2016-1833 | 4.3 |
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafte
|
25-03-2019 - 17:22 | 20-05-2016 - 10:59 | |
CVE-2016-4449 | 5.8 |
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
|
18-01-2018 - 18:18 | 09-06-2016 - 16:59 | |
CVE-2016-1835 | 6.8 |
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.
|
05-01-2018 - 02:30 | 20-05-2016 - 10:59 |