(Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dtdcaddrimportSub method. The issue results from the la...

EUVD-2022-29544

Malicious code in bioql PyPI...

EUVD-2022-29545

Malicious code in bioql PyPI...

EUVD-2022-29546

Malicious code in bioql PyPI...

Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Overview Canon printer drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers contain multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2025-7698 Out-of-bounds write CWE-787 - CVE-2025-9903 Reference to unallocated memory CWE-696 -...

(Pwn2Own) Canon imageCLASS MF656Cdw sfpcmAuthenticateSecAdmin Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sfpcmAuthenticateSecAdmin function. The issue results...

CVE-2023-1764

Canon IJ Network Tool/Ver.4.7.5 and earlier supported OS: OS X 10.9.5-macOS 13,IJ Network Tool/Ver.4.7.3 and earlier supported OS: OS X 10.7.5-OS X 10.8 allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software...

Canon Printer Detection (IPP)

IPP based detection of Canon printer devices. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Overview Out-of-bounds Write vulnerabilities were found in Canon printer drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers. Out-of-bounds Write vulnerability on curve segmentation CWE-787 - CVE-2025-0234 Out-of-bounds Write vulnerability on image...

Canon多款产品 安全漏洞

Canon Generic Plus PCL6 Printer Driver and others are a printer driver from Canon Japan. A security vulnerability exists in various Canon products. An attacker could exploit the vulnerability to execute malicious code. The following products are affected: Canon Generic Plus PCL6 Printer Driver,...

PT-2025-13641

Name of the Vulnerable Software and Affected Versions Generic Plus PCL6 Printer Driver versions 3.12 and earlier Generic Plus UFR II Printer Driver versions 3.12 and earlier Generic Plus LIPS4 Printer Driver versions 3.12 and earlier Generic Plus LIPSLX Printer Driver versions 3.12 and earlier...

Canon多款产品 缓冲区错误漏洞

Canon Generic PCL6 V4 Printer Driver and others are products of Canon Japan.Canon Generic PCL6 V4 Printer Driver is a Canon Generic PCL6 V4 printer driver.Canon Generic UFR II V4 Printer Canon Generic UFR II V4 Printer Driver is a Canon Generic UFR II V4 printer driver.Canon Generic LIPSLX V4...

CVE-2022-43608

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of...

CVE-2022-24672

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CADM service. The issue results from the lack of...

CVE-2022-24673

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SLP protocol. The issue results from...

(Pwn2Own) Canon imageCLASS MF656Cdw TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of TIF files. The issue results from the lack o...

(Pwn2Own) Canon imageCLASS MF656Cdw listObjects2 Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CADM service. The issue results from the lack of proper...

(Pwn2Own) Canon imageCLASS MF656Cdw TTF Parsing Write-What-Where Condition Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within parsing of TrueType fonts. The issue results from the lack ...

PT-2023-16564 · Canon · I-Sensys C1127I +14

Name of the Vulnerable Software and Affected Versions: Satera LBP660C Series versions 11.04 and earlier Satera LBP620C Series versions 11.04 and earlier Satera MF740C Series versions 11.04 and earlier Satera MF640C Series versions 11.04 and earlier Color imageCLASS LBP660C Series versions 11.04 a...

Heap overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CADM service. The issue results from the lack of...