Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

xmlsoft

About This Vendor

xmlsoft is a technology vendor producing software and infrastructure products. As a software provider, xmlsoft's broad product portfolio across multiple domains—including operating systems, cloud infrastructure, enterprise applications, databases, networking, and security tools—creates a large attack surface. Additionally, long support cycles, widespread deployment, and continuous feature development contribute to the accumulation of discovered vulnerabilities over time. Major vendors typically report higher CVE counts not necessarily due to inferior security, but because of greater exposure to security research, responsible disclosure practices, and the sheer complexity of maintaining multiple product lines and legacy systems. Regular security assessments and patching of xmlsoft's products are critical for organizations running their software in production environments.

Vulnerability Trends for This Vendor

SecUtils has indexed 129 known vulnerabilities from xmlsoft. This includes 13 critical-severity issues and 55 high-severity issues that represent significant risk. These vulnerabilities affect 141 distinct products across xmlsoft's portfolio, demonstrating the breadth of the vendor's product ecosystem and the importance of comprehensive patch management strategies. Disclosure dates span from 2003 through 2025, indicating decades of continuous security attention and research. Organizations deploying xmlsoft products should maintain active vulnerability monitoring, prioritize critical patches, and implement compensating controls where patches cannot be applied immediately.

ID	Date Published	Last Modified	Severity (CVSSv3)	Severity (CVSSv2)	Exploit Available
CVE-2003-1564	2003-12-31	2025-04-03	6.5	9.3	Likely
CVE-2004-0110	2004-03-15	2025-04-03	-	7.5	Likely
CVE-2004-0989	2005-03-01	2025-04-03	-	10.0	Likely
CVE-2008-2935	2008-08-01	2025-04-09	-	7.5	Likely
CVE-2008-3281	2008-08-27	2025-04-09	6.5	4.3	Likely
CVE-2008-3529	2008-09-12	2025-04-09	-	10.0	Likely
CVE-2008-4409	2008-10-03	2025-04-09	-	5.0	Likely
CVE-2008-4225	2008-11-25	2025-04-09	-	7.8	Likely
CVE-2008-4226	2008-11-25	2025-04-09	-	10.0	Likely
CVE-2009-2414	2009-08-11	2025-04-09	-	4.3	Likely
CVE-2009-2416	2009-08-11	2025-04-09	6.5	4.3	Likely
CVE-2010-4008	2010-11-17	2025-04-11	-	4.3	Likely
CVE-2010-4494	2010-12-07	2025-04-11	-	7.5	Likely
CVE-2011-1202	2011-03-11	2025-04-11	-	4.3	Likely
CVE-2011-1944	2011-09-02	2025-04-11	-	9.3	Likely
CVE-2011-3970	2012-02-09	2025-04-11	-	4.3	Likely
CVE-2012-2870	2012-08-31	2025-04-11	-	4.3	Likely
CVE-2012-2871	2012-08-31	2025-04-11	-	6.8	Likely
CVE-2012-5134	2012-11-28	2025-04-11	-	6.8	Likely
CVE-2012-0841	2012-12-21	2025-04-11	-	5.0	Likely
CVE-2012-6139	2013-04-12	2025-04-11	-	5.0	Likely
CVE-2013-0338	2013-04-25	2025-04-11	-	4.3	Likely
CVE-2013-1969	2013-04-25	2025-04-11	-	7.5	Likely
CVE-2013-2877	2013-07-10	2025-04-11	-	5.0	Likely
CVE-2013-4520	2013-12-14	2025-04-11	-	4.3	Likely
CVE-2013-0339	2014-01-21	2025-04-11	-	6.8	Likely
CVE-2014-3660	2014-11-04	2025-04-12	-	5.0	Likely
CVE-2015-1819	2015-08-14	2025-04-12	-	5.0	Likely
CVE-2015-7995	2015-11-17	2025-04-12	-	5.0	Likely
CVE-2015-7941	2015-11-18	2025-04-12	-	4.3	Likely
CVE-2015-7942	2015-11-18	2025-04-12	-	6.8	Likely
CVE-2015-8035	2015-11-18	2025-04-12	-	2.6	Unknown
CVE-2015-5312	2015-12-15	2025-04-12	-	7.1	Likely
CVE-2015-7497	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7498	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7499	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-7500	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2015-8241	2015-12-15	2025-04-12	-	6.4	Likely
CVE-2015-8242	2015-12-15	2025-04-12	-	5.8	Likely
CVE-2015-8317	2015-12-15	2025-04-12	-	5.0	Likely
CVE-2016-2073	2016-02-12	2025-04-12	6.5	4.3	Likely
CVE-2016-1762	2016-03-24	2025-12-17	8.1	5.8	Likely
CVE-2015-8710	2016-04-11	2025-04-12	9.8	7.5	Likely
CVE-2015-8806	2016-04-13	2025-04-12	7.5	5.0	Likely
CVE-2015-6837	2016-05-16	2025-04-12	7.5	5.0	Likely
CVE-2015-6838	2016-05-16	2025-04-12	7.5	5.0	Likely
CVE-2016-3627	2016-05-17	2025-12-04	7.5	5.0	Likely
CVE-2016-3705	2016-05-17	2025-04-12	7.5	5.0	Likely
CVE-2016-1833	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1834	2016-05-20	2025-12-04	7.8	9.3	Likely
CVE-2016-1836	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1837	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1838	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1839	2016-05-20	2025-04-12	5.5	4.3	Likely
CVE-2016-1840	2016-05-20	2025-04-12	7.8	6.8	Likely
CVE-2016-1683	2016-06-05	2025-04-12	7.5	5.1	Unknown
CVE-2016-1684	2016-06-05	2025-04-12	7.5	5.1	Unknown
CVE-2016-4447	2016-06-09	2025-04-12	7.5	5.0	Likely
CVE-2016-4448	2016-06-09	2025-04-12	9.8	10.0	Likely
CVE-2016-4449	2016-06-09	2025-04-12	7.1	5.8	Likely
CVE-2016-4607	2016-07-22	2025-04-12	9.8	7.5	Likely
CVE-2016-4608	2016-07-22	2025-04-12	9.8	7.5	Likely
CVE-2016-4609	2016-07-22	2025-04-12	9.8	7.5	Likely
CVE-2016-4610	2016-07-22	2025-04-12	9.8	7.5	Likely
CVE-2016-5131	2016-07-23	2025-12-04	8.8	6.8	Likely
CVE-2016-4658	2016-09-25	2025-04-12	9.8	10.0	Likely
CVE-2016-9318	2016-11-16	2025-12-04	5.5	4.3	Likely
CVE-2015-9019	2017-04-05	2025-04-20	5.3	5.0	Likely
CVE-2016-4483	2017-04-11	2025-04-20	7.5	5.0	Likely
CVE-2017-5969	2017-04-11	2025-04-20	4.7	2.6	Unknown
CVE-2017-5029	2017-04-24	2025-04-20	8.8	6.8	Likely
CVE-2017-8872	2017-05-10	2025-12-17	9.1	6.4	Likely
CVE-2017-9047	2017-05-18	2025-04-20	7.5	5.0	Likely
CVE-2017-9048	2017-05-18	2025-12-18	7.5	5.0	Likely
CVE-2017-9049	2017-05-18	2025-12-18	7.5	5.0	Likely
CVE-2017-9050	2017-05-18	2025-12-17	7.5	5.0	Likely
CVE-2017-16931	2017-11-23	2025-04-20	9.8	7.5	Likely
CVE-2017-16932	2017-11-23	2026-01-22	7.5	5.0	Likely
CVE-2017-5130	2018-02-07	2025-12-03	8.8	6.8	Likely
CVE-2017-7375	2018-02-19	2025-12-03	9.8	7.5	Likely
CVE-2017-7376	2018-02-19	2024-11-21	9.8	10.0	Likely
CVE-2018-9251	2018-04-04	2024-11-21	5.3	2.6	Unknown
CVE-2017-18258	2018-04-08	2024-11-21	6.5	4.3	Likely
CVE-2018-14404	2018-07-19	2025-12-03	6.5	5.0	Likely
CVE-2016-9597	2018-07-30	2024-11-21	7.5	5.0	Likely
CVE-2016-9596	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2016-9598	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2018-14567	2018-08-16	2024-11-21	6.5	4.3	Likely
CVE-2017-15412	2018-08-28	2024-11-21	8.8	6.8	Likely
CVE-2019-11068	2019-04-10	2024-11-21	9.8	7.5	Likely
CVE-2019-13117	2019-07-01	2024-11-21	5.3	5.0	Likely
CVE-2019-13118	2019-07-01	2024-11-21	5.3	5.0	Likely
CVE-2019-18197	2019-10-18	2024-11-21	7.5	5.1	Unknown
CVE-2019-5815	2019-12-11	2024-11-21	7.5	5.0	Likely
CVE-2019-19956	2019-12-24	2025-12-03	7.5	5.0	Likely
CVE-2019-20388	2020-01-21	2025-12-17	7.5	5.0	Likely
CVE-2020-7595	2020-01-21	2025-12-03	7.5	5.0	Likely
CVE-2020-24977	2020-09-04	2024-11-21	6.5	6.4	Likely
CVE-2021-3537	2021-05-14	2024-11-21	5.9	4.3	Likely
CVE-2021-3518	2021-05-18	2024-11-21	8.8	6.8	Likely
CVE-2021-3517	2021-05-19	2025-12-02	8.6	7.5	Likely
CVE-2021-3516	2021-06-01	2024-11-21	7.8	6.8	Likely
CVE-2021-3541	2021-07-09	2024-11-21	6.5	4.0	Likely
CVE-2021-30560	2021-08-03	2025-05-05	8.8	6.8	Likely
CVE-2022-23308	2022-02-26	2025-05-05	7.5	4.3	Likely
CVE-2022-29824	2022-05-03	2024-11-21	6.5	4.3	Likely
CVE-2022-2309	2022-07-05	2025-11-04	7.5	5.0	Likely
CVE-2016-3709	2022-07-28	2025-11-04	6.1	-	-
CVE-2022-40303	2022-11-23	2025-04-29	7.5	-	-
CVE-2022-40304	2022-11-23	2025-04-28	7.8	-	-
CVE-2023-28484	2023-04-24	2025-05-30	6.5	-	-
CVE-2023-29469	2023-04-24	2025-02-04	6.5	-	-
CVE-2023-39615	2023-08-29	2025-11-03	6.5	-	-
CVE-2023-45322	2023-10-06	2025-11-03	6.5	-	-
CVE-2024-25062	2024-02-04	2025-11-03	7.5	-	-
CVE-2024-34459	2024-05-14	2025-11-04	7.5	-	-
CVE-2024-40896	2024-12-23	2025-11-25	9.1	-	-
CVE-2022-49043	2025-01-26	2025-11-03	8.1	-	-
CVE-2024-56171	2025-02-18	2025-11-03	7.8	-	-
CVE-2025-24928	2025-02-18	2025-11-03	7.8	-	-
CVE-2025-27113	2025-02-18	2025-11-03	2.9	-	-
CVE-2024-55549	2025-03-14	2025-11-03	7.8	-	-
CVE-2025-24855	2025-03-14	2025-11-03	7.8	-	-
CVE-2025-32414	2025-04-08	2025-11-03	5.6	-	-
CVE-2025-32415	2025-04-17	2025-11-03	2.9	-	-
CVE-2025-6021	2025-06-12	2026-02-06	7.5	-	-
CVE-2025-6170	2025-06-16	2025-11-03	2.5	-	-
CVE-2025-7424	2025-07-10	2026-01-21	7.5	-	-
CVE-2025-9714	2025-09-10	2025-11-03	6.2	-	-

How SecUtils Normalizes Vendor Data

SecUtils aggregates National Vulnerability Database (NVD) and MITRE records for xmlsoft by normalizing vendor identifiers across diverse data sources, mapping vendor names to their associated product lines, and collecting all known vulnerabilities under a unified vendor context. For every CVE associated with xmlsoft's products, we extract and structure Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) categories, CVSS severity metrics, and reference links to enable rapid vulnerability identification and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and vendor vulnerability tracking.