Markvision Enterprise
by Lexmark
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-8741 | 0.09 | — | 0.77 | Jan 27, 2020 | Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. | |||
| CVE-2014-8742 | 0.01 | — | 0.04 | Jan 27, 2020 | Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. | |||
| CVE-2016-1487 | 0.00 | — | 0.03 | Mar 9, 2020 | Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization. | |||
| CVE-2016-6918 | 0.00 | — | 0.02 | Mar 9, 2020 | Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. ( | |||
| CVE-2014-9375 | 0.00 | — | 0.03 | Feb 16, 2015 | Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive. | |||
| CVE-2013-3055 | 0.00 | — | 0.04 | Apr 25, 2013 | Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive fleet-management information via unspecified vectors. |
- CVE-2014-8741Jan 27, 2020risk 0.09cvss —epss 0.77
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.
- CVE-2014-8742Jan 27, 2020risk 0.01cvss —epss 0.04
Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors.
- CVE-2016-1487Mar 9, 2020risk 0.00cvss —epss 0.03
Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization.
- CVE-2016-6918Mar 9, 2020risk 0.00cvss —epss 0.02
Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. (
- CVE-2014-9375Feb 16, 2015risk 0.00cvss —epss 0.03
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.
- CVE-2013-3055Apr 25, 2013risk 0.00cvss —epss 0.04
Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive fleet-management information via unspecified vectors.