Hp

Icewall Federation Agent

18 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-9597

  • EPSS 1.33%
  • Published 30.07.2018 14:29:02
  • Last modified 21.11.2024 03:01:28

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression C...

6.1

CVE-2017-8945

  • EPSS 0.33%
  • Published 15.02.2018 22:29:07
  • Last modified 21.11.2024 03:35:02

A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Federation Agent version 3.0 was found.

5.9

CVE-2016-6306

  • EPSS 9%
  • Published 26.09.2016 19:59:02
  • Last modified 12.04.2025 10:46:40

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

9.8

CVE-2016-2182

  • EPSS 36.38%
  • Published 16.09.2016 05:59:02
  • Last modified 12.04.2025 10:46:40

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified ot...

10

CVE-2016-4448

  • EPSS 1.2%
  • Published 09.06.2016 16:59:06
  • Last modified 12.04.2025 10:46:40

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

7.5

CVE-2016-4447

Exploit
  • EPSS 3.33%
  • Published 09.06.2016 16:59:05
  • Last modified 12.04.2025 10:46:40

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

7.5

CVE-2016-3705

  • EPSS 1.03%
  • Published 17.05.2016 14:08:04
  • Last modified 12.04.2025 10:46:40

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and applic...

7.5

CVE-2016-3627

  • EPSS 0.29%
  • Published 17.05.2016 14:08:02
  • Last modified 12.04.2025 10:46:40

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML doc...

5

CVE-2015-8317

Exploit
  • EPSS 0.33%
  • Published 15.12.2015 21:59:09
  • Last modified 12.04.2025 10:46:40

The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds ...

5.8

CVE-2015-8242

  • EPSS 1.66%
  • Published 15.12.2015 21:59:07
  • Last modified 12.04.2025 10:46:40

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive informati...