Lexmark Printers Denial of Service (CVE-2019-11358)

jQuery before 3.4.0 mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. This can lead to a denial of service, remote code execution, or property injection...

Lexmark Printers Stored Cross-site Scripting (CVE-2020-13481)

A stored cross site scripting vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability can be used to attack the user’s browser, exposing session credentials and other information accessible to the browser. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Cross-site Request Forgery (CVE-2020-10095)

A vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability allows the attacker to modify the configuration of the device. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503883; scriptversion"1.2";...

Lexmark Printers Server-Side Request Forgery (CVE-2025-9269)

A Server-Side Request Forgery SSRF vulnerability has been identified in the embedded web server in various Lexmark devices. This vulnerability can be leveraged by an attacker to force the device to send an arbitrary HTTP request to a third-party server. CVSSv4 Base Score 6.9...

Lexmark Printers Heap-based Buffer Overflow (CVE-2023-50739)

A buffer overflow vulnerability has been identified in the Internet Printing Protocol IPP in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503889;...

Lexmark Printers Improper Input Validation (CVE-2023-26067)

A trusted internal component of Lexmark devices has an input validation vulnerability. This vulnerability can be leveraged by an attacker who has already compromised the device to escalate privileges. NOTE: This vulnerability cannot be used to compromise a device, it can only be used on a device...

Lexmark Printers Integer Overflow or Wraparound (CVE-2024-11347)

An integer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Lexmark Printers Improper Input Validation (CVE-2023-26070)

An input validation vulnerability has been identified in the SNMP feature in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503895; scriptversion"1.3";...

Lexmark Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2018-17944)

On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are...

Lexmark Printers Command Injection (CVE-2021-44735)

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503880;...

Lexmark Printers Improper Restriction of Excessive Authentication Attempts (CVE-2023-22960)

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503878;...

Lexmark Printers Cross-site Scripting (CVE-2019-19772)

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-15519)

Various Lexmark devices have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503860; scriptversion"1.3";...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2019-9933)

Various Lexmark products have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503879; scriptversion"1.2";...

Lexmark Printers Improper Input Validation (CVE-2022-29850)

Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-15520)

Various Lexmark devices have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503861; scriptversion"1.4";...

Lexmark Printers Code Injection (CVE-2021-44734)

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Lexmark Printers Improper Input Validation (CVE-2019-6489)

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Improper Restriction of XML External Entity Reference (CVE-2023-40239)

Certain Lexmark devices such as CS310 before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80..P246, i.e., '' indicates that the full version specification varies across product model family, but firmware level P246 or higher is required to...

Lexmark Printers Cross-site Scripting (CVE-2020-10093)

A cross-site scripting XSS vulnerability in Lexmark Pro910 series inkjet and other discontinued products. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...