Search CVE reports


Toggle filters

61 – 70 of 127 results


CVE-2016-4658

Medium priority
Fixed

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-5131

Medium priority

Some fixes available 12 of 16

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the...

3 affected packages

chromium-browser, libxml2, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser
libxml2
oxide-qt
Show less packages

CVE-2016-4619

Medium priority
Not affected

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8317. Reason: This candidate is a reservation duplicate of CVE-2015-8317. Notes: All CVE users should reference CVE-2015-8317 instead of this candidate. ...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4616

Medium priority
Ignored

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4615

Medium priority
Ignored

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4614

Medium priority
Ignored

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4448

Low priority

Some fixes available 3 of 4

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4449

Low priority
Fixed

XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-4447

Low priority
Fixed

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages

CVE-2016-1840

Medium priority
Fixed

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute...

1 affected package

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libxml2
Show less packages