The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
|80691||Oracle Solaris Third-Party Patch Update : libxml2 (cve_2013_1969_resource_management)||Nessus||Solaris Local Security Checks|
|79964||GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)||Nessus||Gentoo Local Security Checks|
|74982||openSUSE Security Update : libxml2 (openSUSE-SU-2013:0945-1)||Nessus||SuSE Local Security Checks|
|70836||GLSA-201311-06 : libxml2: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|66346||Ubuntu 13.04 : libxml2 vulnerability (USN-1817-1)||Nessus||Ubuntu Local Security Checks|