CRITICAL🇵🇱 Wersja polska

CVE-2016-4448

CVSS 9.8v3.1pub. 2016-06-09upd. 2026-05-06

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Apple Icloud

    APP
    Apple
    < 5.2.1
  • Apple iOS

    OS
    Apple
    ≤ 9.3.2
  • Apple Itunes

    APP
    Apple
    ≤ 12.4.1
  • Apple Mac Os X

    OS
    Apple
    < 10.11.6
  • Apple tvOS

    OS
    Apple
    ≤ 9.2.1
  • Apple watchOS

    OS
    Apple
    ≤ 2.2.1
  • HP Icewall Federation Agent

    APP
    Hp
    3.0
  • Mcafee Web Gateway

    APP
    Mcafee
    7.6.0.0 – 7.6.2.3≤ 7.5.2.10
  • Microsoft Windows

    OS
    Microsoft
    wszystkie wersje
  • Oracle Linux

    OS
    Oracle
    67
  • Oracle Vm Server

    OS
    Oracle
    3.33.4
  • Red Hat Enterprise Linux

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Desktop

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Server

    OS
    Redhat
    6.07.0
  • Red Hat Enterprise Linux Server Aus

    OS
    Redhat
    7.27.37.47.67.7
  • Red Hat Enterprise Linux Server Eus

    OS
    Redhat
    7.27.37.47.57.67.7
  • Red Hat Enterprise Linux Server Tus

    OS
    Redhat
    7.27.37.67.7
  • Red Hat Enterprise Linux Workstation

    OS
    Redhat
    6.07.0
  • Slackware Linux

    OS
    Slackware
    14.014.1
  • Tenable Log Correlation Engine

    APP
    Tenable
    4.8.0
  • Xmlsoft Libxml2

    APP
    Xmlsoft
    ≤ 2.9.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP