Vulnerabilities (CVE)

Vendor filter

Filter

1668 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-5923 1 Hp 130 Color Laserjet Cm4540 Mfp Firmware, Color Laserjet Cp5525 Firmware, Color Laserjet Enterprise Flow Mfp M681f Firmware and 127 more 2019-04-18 7.5
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
CVE-2019-5736 9 Docker, Google, Linuxcontainers and 6 more 11 Docker, Kubernetes Engine, Lxc and 8 more 2019-04-17 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these...
CVE-2019-3483 1 Hp 1 Arcsight Logger 2019-03-25 6.8
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3482 1 Hp 1 Arcsight Logger 2019-03-25 6.8
Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3481 1 Hp 1 Arcsight Logger 2019-03-25 7.5
Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3479 1 Hp 1 Arcsight Logger 2019-03-25 7.5
Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3484 1 Hp 1 Arcsight Logger 2019-03-25 7.2
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3480 1 Hp 1 Arcsight Logger 2019-03-25 4.3
Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7.
CVE-2016-3092 4 Hp, Apache, Debian and 1 more 6 Ubuntu Linux, Tomcat, Debian Linux and 3 more 2019-03-25 7.8
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of...
CVE-2015-7499 7 Apple, Xmlsoft, Canonical and 4 more 16 Libxml2, Ubuntu Linux, Debian Linux and 13 more 2019-03-19 5.0
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2013-4854 10 Slackware, Freebsd, Redhat and 7 more 13 Hp-ux, Dnsco Bind, Enterprise Linux and 10 more 2019-03-18 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service...
CVE-2017-12500 1 Hp 1 Intelligent Management Center 2019-03-08 9.0
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVE-2017-12557 1 Hp 1 Intelligent Management Center 2019-03-08 10.0
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
CVE-2017-8979 1 Hp 1 Integrated Lights-out 2 Firmware 2019-03-08 7.5
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
CVE-2017-8982 1 Hp 1 Intelligent Management Center 2019-03-08 5.0
A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVE-2016-4447 6 Apple, Oracle, Canonical and 3 more 11 Libxml2, Ubuntu Linux, Debian Linux and 8 more 2019-03-08 5.0
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVE-2015-5312 6 Apple, Xmlsoft, Canonical and 3 more 14 Libxml2, Ubuntu Linux, Debian Linux and 11 more 2019-03-08 7.1
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different...
CVE-2015-7500 6 Apple, Xmlsoft, Canonical and 3 more 14 Libxml2, Ubuntu Linux, Debian Linux and 11 more 2019-03-08 5.0
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVE-2015-7942 5 Hp, Apple, Debian and 2 more 10 Libxml2, Ubuntu Linux, Debian Linux and 7 more 2019-03-08 6.8
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash)...
CVE-2015-8242 5 Xmlsoft, Hp, Apple and 2 more 13 Libxml2, Ubuntu Linux, Enterprise Linux Desktop and 10 more 2019-03-08 5.8
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive...