937 matches found
PT-2026-5945
Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description A relative path traversal issue exists in the Embedded Solutions Framework used in Lexmark devices. An attacker could potentially use this to execute arbitrary co...
CVE-2023-40239
Certain Lexmark devices such as CS310 before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80..P246, i.e., '' indicates that the full version specification varies across product model family, but firmware level P246 or higher is required to...
CVE-2018-18894
Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...
CVE-2010-0101
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header...
CVE-2019-18791
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...
CVE-2020-10095
Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device...
CVE-2023-50738
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified...
CVE-2023-50733
A Server-Side Request Forgery SSRF vulnerability has been identified in the Web Services feature of newer Lexmark devices...
CVE-2025-1126
A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client...
Lexmark Printers Improper Input Validation (CVE-2023-26070)
An input validation vulnerability has been identified in the SNMP feature in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503895; scriptversion"1.3";...
Lexmark Printers Improper Input Validation (CVE-2023-26067)
A trusted internal component of Lexmark devices has an input validation vulnerability. This vulnerability can be leveraged by an attacker who has already compromised the device to escalate privileges. NOTE: This vulnerability cannot be used to compromise a device, it can only be used on a device...
Lexmark Printers Improper Validation of Array Index (CVE-2023-26066)
A PostScript operator that improperly validates the stack has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503906;...
Lexmark Printers Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-1127)
A combination Path Traversal and Concurrent Execution vulnerability exists within the embedded web server in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503894...
Lexmark Printers Incorrect Calculation of Buffer Size (CVE-2023-50736)
A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503887; scriptversion"1.5";...
Lexmark Printers Improper Validation of Integrity Check Value (CVE-2023-50738)
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified. Lexmark documentation recommends that access to the Firmware Updates be restricted to trusted personnel. %NASLMINLEVEL 80900 C Tenable, Inc...
Lexmark Printers Improper Input Validation (CVE-2023-26068)
A vulnerability has been identified in the embedded web server used in Lexmark devices. The vulnerability allows the attacker to execute arbitrary code on a device with the permissions of the embedded webserver. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid50390...
Lexmark Printers Integer Overflow or Wraparound (CVE-2024-11347)
An integer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Lexmark Printers Access of Resource Using Incompatible Type (CVE-2024-11346)
A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503884;...
Lexmark Printers Integer Overflow or Wraparound (CVE-2023-26065)
An integer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503905; scriptversion"1.3";...
Lexmark Printers Heap-based Buffer Overflow (CVE-2023-50739)
A buffer overflow vulnerability has been identified in the Internet Printing Protocol IPP in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503889;...