250 matches found
PT-2025-24442
Name of the Vulnerable Software and Affected Versions Konica Minolta bizhub versions up to 20250202 Description A problematic issue was found in the Display MFP Information List component. The manipulation of the Model Name argument leads to cross-site scripting. It is possible to initiate the...
CVE-2024-48870
Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users...
CVE-2022-29588
Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files...
CVE-2022-29587
Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root aka superuser access privileges...
CVE-2019-6326
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow...
CVE-2019-6324
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...
The vulnerability of the Internet Printing Protocol (IPP) implementation in multifunctional HP LaserJet MFP devices allows a perpetrator to cause service interruptions.
The vulnerability of the Internet Printing Protocol IPP implementation in microprogrammed multifunctional devices like HP LaserJet MFP is related to improper handling of unexpected types of data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending...
CVE-2025-2268
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol IPP...
Siemens SIMATIC Devices Linux Kernel Stack-based Buffer Overflow (CVE-2022-2078)
A vulnerability was found in the Linux kernel's nftsetdescconcatparse function .This flaw allows an attacker to trigger a buffer overflow via nftsetdescconcatparse , causing a denial of service and possibly to run code. This plugin only works with Tenable.ot. Please visit...
CVE-2024-45320
Out-of-bounds write vulnerability exists in DocuPrint CP225w 01.22.01 and earlier, DocuPrint CP228w 01.22.01 and earlier, DocuPrint CM225fw 01.10.01 and earlier, and DocuPrint CM228fw 01.10.01 and earlier. If an affected MFP processes a specially crafted printer job file, a denial-of-service DoS...
Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)
During security testing, Rapid7 discovered that Xerox Versalink C7025 Multifunction printers MFPs were vulnerable to pass-back attacks. The affected products identified were: Xerox Versalink MFPs Firmware Version: 57.69.91 and earlier This issue has been assigned the following CVEs: CVE-2024-1251...
CVE-2024-47549
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser...
CVE-2024-42420
Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed...
PT-2024-38650 · Kofax · Totalagility
Name of the Vulnerable Software and Affected Versions: Tungsten Automation Kofax TotalAgility versions all through 7.9.0.25.0.954 Description: The issue is a Reflected XSS vulnerability that can be exploited through manipulation of the mfpConnectionId parameter in a form sent to endpoints...
Ricoh MFP and Printer Products Buffer Overflow (ricoh-2024-000011)
The version of the remote Ricoh MFP or printer is affected by a buffer overflow vulnerability. - Stack-based buffer overflow vulnerability exists in multiple Ricoh laser printers and MFPs which implement Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request...
Ricoh MFP 安全漏洞
Ricoh MFP is a series of printers from Ricoh Japan. A security vulnerability exists in Ricoh MFP that originates from a buffer overflow issue contained in WebImageMonitor that could lead to arbitrary code execution...
Multiple vulnerabilities in Sharp and Toshiba Tec MFPs
Overview MFPs multifunction printers provided by Sharp and Toshiba Tec Corporation contain multiple vulnerabilites listed below. Out-of-bounds Read CWE-125 CVE-2024-42420 Out-of-bounds read vulnerabilities coming from improper processing of keyword search input and improper processing of SOAP...
Sharp MFP 安全漏洞
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from mishandling of keyword search inputs and SOAP messages, contains multiple out-of-bounds read vulnerabilities, and a carefully crafted HTTP request could cause the affecte...
PT-2024-33252 · Sharp +1 · Sharp Mfps +1
Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs affected versions not specified Description: The issue is related to improper validation of input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored b...
Sharp MFP 安全漏洞
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from not properly handling URL data in HTTP PUT requests, resulting in a path traversal vulnerability that could retrieve unexpected internal files when processing a carefully...