Lexmark Printers Cross-site Scripting (CVE-2019-18791)

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Denial of Service (CVE-2019-9931)

Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Improper Input Validation (CVE-2010-0101)

The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header. This plugin...

Lexmark Printer Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2010-0619)

Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service device hang via a long argument t...

Lexmark多款产品 安全漏洞

The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...

Lexmark Printers 安全漏洞

The Lexmark Printers are a series of printers produced by the American company Lexmark. There is a security vulnerability in the Lexmark Printers, which stems from an untrusted search path within the embedded solution framework, potentially allowing for the execution of arbitrary code. The...

Lexmark多款产品 安全漏洞

The Lexmark CX410, among others, is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is also a multifunctional printer. Several Lexmark products have security vulnerabilities; these vulnerabilities stem fr...

Lexmark多款产品 安全漏洞

The Lexmark CX410 is a product of the American company Lexmark. The Lexmark CX410 is a printer. The Lexmark CX510 is a multifunctional printer. The Lexmark CX82x is a multifunctional printer. Several products from Lexmark have security vulnerabilities; these vulnerabilities stem from the Postscri...

CVE-2010-0101

The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header...

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...

Lexmark Printers Improper Validation of Array Index (CVE-2023-26066)

A PostScript operator that improperly validates the stack has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503906;...

Lexmark Printers Stack-based Buffer Overflow (CVE-2023-50734)

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503885; scriptversion"1.4";...

Lexmark Printers Denial of Service (CVE-2019-11358)

jQuery before 3.4.0 mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. This can lead to a denial of service, remote code execution, or property injection...

Lexmark Printers Stored Cross-site Scripting (CVE-2020-13481)

A stored cross site scripting vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability can be used to attack the user’s browser, exposing session credentials and other information accessible to the browser. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Denial of Service (CVE-2019-14816)

A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. The vulnerability can be exploited by an attacker on the same WiFi physical network segment to cause a system crash resulting in a denial of service or potentially execution of arbitrary code. %NASLMINLEVEL 80900 C Tenable,...

Lexmark Printers Heap-based Buffer Overflow (CVE-2023-50739)

A buffer overflow vulnerability has been identified in the Internet Printing Protocol IPP in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503889;...

Lexmark Printers Improper Validation of Integrity Check Value (CVE-2023-50738)

A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified. Lexmark documentation recommends that access to the Firmware Updates be restricted to trusted personnel. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Improper Input Validation (CVE-2023-26068)

A vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability allows the attacker to execute arbitrary code on a device with the permissions of the embedded webserver. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid50390...

Lexmark Printers CWE CATEGORY: Pointer Issues (CVE-2023-50735)

A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503896; scriptversion"1.5";...

Lexmark Printers Race Condition (CVE-2020-35546)

A race condition exists while processing the state of the two security jumpers in an MX6500e. This can cause occasional misreads of the security jumper state during boot, causing the device to incorrectly believe the security jumper state has changed. The result is that security access controls m...