Skip to main content

Mini Xml

6 CVEs product

Monthly

CVE-2018-20593 MEDIUM POC This Month

In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mini Xml Fedora
NVD GitHub
CVSS 3.0
5.5
EPSS
1.3%
CVE-2018-20592 MEDIUM POC This Month

In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Mini Xml Fedora
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2018-20005 MEDIUM POC This Month

An issue has been found in Mini-XML (aka mxml) 2.12. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Mini Xml Fedora
NVD GitHub
CVSS 3.0
5.5
EPSS
1.1%
CVE-2018-20004 HIGH POC This Week

An issue has been found in Mini-XML (aka mxml) 2.12. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mini Xml Debian Linux Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2016-4571 MEDIUM This Month

The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mini Xml Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2016-4570 MEDIUM This Month

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mini Xml Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mini Xml +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free +2
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC This Month

An issue has been found in Mini-XML (aka mxml) 2.12. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free +2
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue has been found in Mini-XML (aka mxml) 2.12. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Mini Xml +2
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mini Xml Debian Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mini Xml Debian Linux
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy