Lucene search
+L

530 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 7:21 a.m.8 views

CVE-2025-4960

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 7:17 a.m.8 views

CVE-2025-4960

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

7.8CVSS0.00126EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 1:37 a.m.37 views

CVE-2025-4960 macOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller Installer

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

7.8CVSS0.00126EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 1:37 a.m.5 views

CVE-2025-4960 macOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller Installer

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

7.8CVSS7.8AI score0.00126EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 1:37 a.m.16 views

CVE-2025-4960

CVE-2025-4960 affects macOS via the EPSON printer driver installer’s com.epson.InstallNavi.helper, which exposes privileged functionality due to improper authorization handling and weak client authentication over XPC. The API flow uses overly permissive custom rights registered in /var/db/auth.db...

7.8CVSS7.7AI score0.00126EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.10 views

EPSON Printer Controller Installer 安全漏洞

EPSON Printer Controller Installer is a printer driver installation software developed by EPSON, a Japanese company. The EPSON Printer Controller Installer has a security vulnerability, which stems from improper client authentication using the XPC protocol and incorrect execution of the macOS...

7.8CVSS7.3AI score0.00126EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON Printers Open Redirect (CVE-2018-0688)

Open redirect vulnerability in SEIKO EPSON printers and scanners DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 Jun...

6.1CVSS7AI score0.0098EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON WF-2861 Denial of Service (CVE-2018-19232)

The web service on Epson WorkForce WF-2861 10.48 LQ22I3Recovery- mode, WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to cause a denial of service via a FIRMWAREUPDATE GET request, as demonstrated by the /DOWN/FIRMWAREUPDATE/ROM1 URI. This plugin only works with...

7.5CVSS7.2AI score0.01366EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

EPSON Printers Improper Authentication (CVE-2022-36133)

The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

9.1CVSS8.3AI score0.00681EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

EPSON WF-2861 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-18959)

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATION/BONJOUR is more than 251 bytes when sending data for Air Print Setting, then the device no longe...

7.5CVSS7.2AI score0.01163EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON Printers HTTP Request/Response Splitting (CVE-2018-0689)

HTTP header injection vulnerability in SEIKO EPSON printers and scanners DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to...

8.8CVSS8.2AI score0.01642EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON WF-2861 Missing Authentication for Critical Function (CVE-2018-19248)

The web service on Epson WorkForce WF-2861 10.48 LQ22I3Recovery- mode, WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request ...

9.1CVSS7.4AI score0.01479EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON WF-2750 Communication Channel Errors (CVE-2018-14900)

On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

7.5CVSS7.3AI score0.01112EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Uncontrolled Search Path Element (CVE-2020-5674)

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.8CVSS7.4AI score0.00341EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Cross-site Scripting (CVE-2023-23572)

Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPS...

4.8CVSS5.4AI score0.00499EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Improper Input Validation (CVE-2023-38556)

Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in som...

7.5CVSS7.3AI score0.00644EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.2 views

EPSON Printers Incorrect Default Permissions (CVE-2020-12695)

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. This plugin only works with Tenable.ot...

7.8CVSS6.8AI score0.15193EPSS
Exploits3References17
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON WF-2861 Uncontrolled Resource Consumption (CVE-2018-18960)

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find certain devices on the network, but the default version is v2c, allowing an amplification attack. This plugin only works with Tenable.ot. Please visit...

5.9CVSS6.3AI score0.00906EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

EPSON WF-2750 Improper Neutralization of Input During Web Page Generation (CVE-2018-14899)

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

6.1CVSS6.2AI score0.00675EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON Printers Cross-Site Request Forgery (CVE-2023-27520)

Cross-site request forgery CSRF vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. Note Web Config is the software that allows...

6.5CVSS5.9AI score0.00314EPSS
Exploits0References3
Rows per page
Query Builder