university corporation for atmospheric research (ucar)

OSS LibrariesUSoss-project

Cumulative CVEs

Monthly snapshots

#63

Peak rank

Trend history

Full timeline

Top products

netcdf5

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting university corporation for atmospheric research (ucar).

CVE-2022-30045An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.6.5May 17, 2022
CVE-2021-31598An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.7.5Apr 24, 2021
CVE-2021-31348An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn f...6.5Apr 16, 2021
CVE-2021-31347An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by m...6.5Apr 16, 2021
CVE-2021-31229An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of ...6.5Apr 15, 2021
CVE-2021-30485An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference ...6.5Apr 11, 2021
CVE-2021-26222The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.8.1Feb 8, 2021
CVE-2021-26221The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.8.1Feb 8, 2021
CVE-2021-26220The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.8.1Feb 8, 2021
CVE-2019-20198An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file.6.5Dec 31, 2019
CVE-2019-20199An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while runn...6.5Dec 31, 2019
CVE-2019-20200An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in th...6.5Dec 31, 2019
CVE-2019-20201An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.6.5Dec 31, 2019
CVE-2019-20202An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.6.5Dec 31, 2019
CVE-2019-20005An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while...6.5Dec 26, 2019