Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Filtered by product Icewall Federation Agent
Total 18 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2182 3 Hp, Openssl, Oracle 6 Icewall Federation Agent, Icewall Mcrp, Icewall Sso and 3 more 2021-11-17 7.5 HIGH 9.8 CRITICAL
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-6306 4 Hp, Nodejs, Novell and 1 more 7 Icewall Federation Agent, Icewall Mcrp, Icewall Sso and 4 more 2021-11-17 4.3 MEDIUM 5.9 MEDIUM
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
CVE-2016-4448 9 Apple, Hp, Mcafee and 6 more 21 Icloud, Iphone Os, Itunes and 18 more 2019-12-27 10.0 HIGH 9.8 CRITICAL
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2016-9597 5 Canonical, Debian, Hp and 2 more 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more 2019-10-09 5.0 MEDIUM 7.5 HIGH
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
CVE-2016-4447 8 Apple, Canonical, Debian and 5 more 12 Iphone Os, Itunes, Mac Os X and 9 more 2019-03-26 5.0 MEDIUM 7.5 HIGH
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVE-2015-7499 7 Apple, Canonical, Debian and 4 more 15 Iphone Os, Mac Os X, Tvos and 12 more 2019-03-19 5.0 MEDIUM N/A
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-7500 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2019-03-08 5.0 MEDIUM N/A
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVE-2015-7942 5 Apple, Canonical, Debian and 2 more 9 Iphone Os, Mac Os X, Tvos and 6 more 2019-03-08 6.8 MEDIUM N/A
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
CVE-2015-8242 5 Apple, Canonical, Hp and 2 more 12 Iphone Os, Mac Os X, Tvos and 9 more 2019-03-08 5.8 MEDIUM N/A
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2015-5312 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2019-03-08 7.1 HIGH N/A
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2016-3627 5 Canonical, Debian, Hp and 2 more 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more 2018-10-30 5.0 MEDIUM 7.5 HIGH
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
CVE-2016-3705 5 Canonical, Debian, Hp and 2 more 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more 2018-10-30 5.0 MEDIUM 7.5 HIGH
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
CVE-2013-4820 1 Hp 7 Icewall Federation Agent, Icewall File Manager, Icewall Java Agent Library and 4 more 2018-05-10 2.1 LOW N/A
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, IceWall SSO SAML2 Agent Option 8.0, IceWall SSO JAVA Agent Library 8.0 through 10.0, IceWall Federation Agent 3.0, and IceWall File Manager 3.0 through SP4 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2017-8945 1 Hp 1 Icewall Federation Agent 2018-03-12 5.8 MEDIUM 6.1 MEDIUM
A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Federation Agent version 3.0 was found.
CVE-2015-8317 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-14 5.0 MEDIUM N/A
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
CVE-2015-8241 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-14 6.4 MEDIUM N/A
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2015-7498 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-14 5.0 MEDIUM N/A
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
CVE-2015-7497 5 Canonical, Debian, Hp and 2 more 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more 2017-09-14 5.0 MEDIUM N/A
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.