936 matches found
Lexmark Printers - Command Injection
Certain Lexmark devices through 2023-02-19 mishandle Input Validation issue 1 of 4. id: CVE-2023-26067 info: name: Lexmark Printers - Command Injection author: DhiyaneshDK severity: high description: | Certain Lexmark devices through 2023-02-19 mishandle Input Validation issue 1 of 4. impact: |...
Lexmark Printers Cross-site Scripting (CVE-2020-10093)
A cross-site scripting XSS vulnerability in Lexmark Pro910 series inkjet and other discontinued products. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Lexmark Printers Cross-site Scripting (CVE-2019-19773)
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...
Lexmark Printers Missing Authentication for Critical Function (CVE-2019-9934)
Various Lexmark products have Incorrect Access Control issue 1 of 2. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505493; scriptversion"1.3";...
Lexmark Printers Cross-site Scripting (CVE-2019-18791)
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...
Lexmark Printers Improper Access Control (CVE-2019-10058)
Various Lexmark products have Incorrect Access Control. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505497; scriptversion"1.3";...
Lexmark Printers Integer Overflow or Wraparound (CVE-2019-9930)
Various Lexmark products have an Integer Overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505490; scriptversion"1.3";...
Lexmark Printers Denial of Service (CVE-2019-9931)
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Lexmark Printers Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2018-15519)
Various Lexmark devices have a Buffer Overflow issue 1 of 2. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505489; scriptversion"1.3";...
Lexmark Printers Improper Input Validation (CVE-2010-0101)
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header. This plugin...
Lexmark Printer Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2010-0619)
Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service device hang via a long argument t...
Lexmark International X1185 Improper Privilege Management (CVE-2006-0577)
Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the Appearance dialog and selecting the Additional styles skins are available on the Lexmark web site option, which launches a web browser that is running with SYSTEM privileges. This plugin only works with...
CVE-2025-65079
A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user...
CVE-2025-65080
A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user...
CVE-2025-65081
An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user...
CVE-2025-65078
An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code...
CVE-2025-65077
A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user...
(Pwn2Own) Lexmark CX532adwe esfhelper Untrusted Search Path Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark CX532adwe printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
(Pwn2Own) Lexmark CX532adwe getCFFNames Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX532adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getCFFNames function. The issue results from the lack of proper...
(Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX532adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the usecmap method. The issue results from the lack of proper...