936 matches found
CVE-2020-13481
Certain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive information...
CVE-2020-35546
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings...
CVE-2020-10095
Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device...
CVE-2020-35546
Lexmark CVE-2020-35546 affects MX6500/MX6500e printers. A race condition exists while processing the state of the two security jumpers during boot, causing misreads of the security jumper state and the device to incorrectly believe the state has changed. The result is that security access control...
CVE-2020-35546
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings...
CVE-2020-10095
Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device...
CVE-2020-13481
Certain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive information...
Lexmark 安全漏洞
Lexmark is a line of printers from Lexmark, USA. A security vulnerability exists in versions of Lexmark prior to 2020-05-25, which stems from vulnerability to cross-site scripting attacks that could allow an attacker to obtain sensitive information such as session credentials...
CVE-2020-13481
Certain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive information...
CVE-2020-13481
Lexmark printers with embedded web servers are affected by CVE-2020-13481, a stored cross-site scripting (XSS) vulnerability. Multiple connected sources describe that the vulnerability enables an attacker to access session credentials and other information via the browser, originating from the de...
Lexmark 安全漏洞
Lexmark is a line of printers from Lexmark, a US-based company. A security vulnerability exists in Lexmark that stems from susceptibility to a cross-site request forgery attack that allows an attacker to modify the device configuration...
Lexmark MX6500 安全漏洞
The Lexmark MX6500 is a multifunction composite device printer from Lexmark, Inc. A security vulnerability exists in the Lexmark MX6500 LW75.JD.P296 and prior versions that stems from improper access control...
CVE-2020-10095
CVE-2020-10095 affects Lexmark devices (printers) with a CSRF vulnerability in the embedded web server that allows an attacker to modify the device configuration. The root cause is CSRF enabling unauthorized configuration changes, as described across multiple vendors/security feeds. Impact is the...
CVE-2020-35546
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access control settings...
PT-2025-7273 · Lexmark · Lexmark Devices
Name of the Vulnerable Software and Affected Versions: Lexmark devices affected versions not specified Description: The issue allows an attacker to modify the configuration of the device due to a CSRF vulnerability. This enables the attacker to change device settings, potentially leading to...
CVE-2020-10095
Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device...
CVE-2024-11346
: Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in Lexmark International CX, XC, CS, et. Al. Postscript interpreter modules allows Resource Injection.This issue affects CX, XC, CS, et. Al.: from 001.001:0 through 081.231, from ..P001 through ..P233, from ..P001 through...
CVE-2024-11344
A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...
CVE-2024-11345
A heap-based memory vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...
CVE-2024-11347
Integer Overflow or Wraparound vulnerability in Lexmark International CX, XC, CS, et. Al. Postscript interpreter modules allows Forced Integer Overflow.The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user...