Lucene search
K
LexmarkMarkvision Enterprise

5 matches found

CVE
CVE
added 2020/03/09 6:6 p.m.117 views

CVE-2016-1487

CVE-2016-1487 affects Lexmark Markvision Enterprise prior to 2.3.0, where unsafe deserialization of untrusted Java objects in Apache Commons Collections via the RMI interface enables remote code execution. The root cause is deserialization of unauthenticated serialized objects, allowing an attack...

8.8CVSS9AI score0.0288EPSS
CVE
CVE
added 2020/03/09 4:32 p.m.58 views

CVE-2016-6918

Summary: CVE-2016-6918 affects Lexmark Markvision Enterprise (MVE) prior to version 2.4.1, where a remote attacker can execute arbitrary commands by uploading files. The connected documents consistently describe this as a vulnerability in MVE before 2.4.1 with no explicit exploitation details inc...

10CVSS9.7AI score0.01918EPSS
CVE
CVE
added 2020/01/27 5:29 p.m.51 views

CVE-2014-8742

Lexmark MarkVision Enterprise prior to 2.1 is affected by CVE-2014-8742, a directory traversal vulnerability in the ReportDownloadServlet that allows remote attackers to read arbitrary files. The root cause is improper handling/sanitization of input leading to unauthorized file disclosure. Some s...

7.8CVSS7.3AI score0.04366EPSS
CVE
CVE
added 2020/01/27 5:29 p.m.50 views

CVE-2014-8741

CVE-2014-8741 documents a directory traversal vulnerability in the Lexmark MarkVision Enterprise product, specifically the GfdFileUploadServerlet servlet, before version 2.1. The issue allows a remote attacker to write to arbitrary files via unspecified vectors, with public references noting poss...

10CVSS9.3AI score0.77198EPSS
Web
CVE
CVE
added 2015/02/16 3:0 p.m.41 views

CVE-2014-9375

Lexmark Markvision Enterprise’s LibraryFileUploadServlet is vulnerable to a directory-traversal in ZIP processing. A crafted ZIP can write arbitrary files and allow remote code execution. ZDI-15-046 reports that authentication is not required and an attacker could upload files to arbitrary locati...

9CVSS7AI score0.0319EPSS