CVE-2020-10668

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version...

CVE-2020-10669

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the late...

CVE-2020-10670

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the latest version...

CVE-2025-20731

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege when OceReducedNeighborReport is disabled. User interaction is not needed for exploitation...

CVE-2025-20732

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege when OceReducedNeighborReport is disabled. User interaction is not needed for exploitation...

EUVD-2020-19055

Malware in sbrugna...

EUVD-2020-3114

Malware in sbrugna...

EUVD-2021-25728

Malware in sbrugna...

EUVD-2021-25729

Malware in sbrugna...

EUVD-2020-3111

Malware in sbrugna...

EUVD-2020-3113

Malware in sbrugna...

EUVD-2018-3847

Malware in sbrugna...

EUVD-2020-3112

Malware in sbrugna...

EUVD-2020-3115

Malware in sbrugna...

MAL-2025-28080 Malicious code in oce-login (npm)

The package oce-login was found to contain malicious code...

Malicious code in oce-login (npm)

The package oce-login was found to contain malicious code...

Malicious code in oce-login-enabler (npm)

The package oce-login-enabler was found to contain malicious code...

MAL-2025-28081 Malicious code in oce-login-enabler (npm)

The package oce-login-enabler was found to contain malicious code...

CVE-2021-39367

Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection...

CVE-2021-39368

Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter...