KB5078775: Windows Server 2012 Security Update (March 2026)

The remote Windows host is missing security update 5078775. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. CVE-2026-23669 - Use after free in Windows Win32K allows an...

Wavlink NU516U1 缓冲区错误漏洞

Wavlink NU516U1 is a wireless print server developed by Wavlink Corporation. The version 251208 of Wavlink NU516U1 contains a buffer error vulnerability. This vulnerability stems from incorrect handling of the parameter ipaddr in the function sub401A10 located in the file/cgi-bin/login.cgi, which...

CVE-2026-23767

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...

EUVD-2026-9594

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...

CVE-2026-23767

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...

CVE-2026-23767

CVE-2026-23767 affects ESC/POS, the printer control language from Seiko Epson. The description states there are no user authentication or command authorization mechanisms, no controls to restrict network sources/destinations, and that commands are transmitted without encryption or integrity prote...

CVE-2026-23767

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...

CVE-2026-23767

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...

SUSE CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

UBUNTU-CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

CVE-2026-2464

Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...

CVE-2025-4960

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

CVE-2025-4960 macOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller Installer

The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...

CVE-2025-4960

CVE-2025-4960 affects macOS via the EPSON printer driver installer’s com.epson.InstallNavi.helper, which exposes privileged functionality due to improper authorization handling and weak client authentication over XPC. The API flow uses overly permissive custom rights registered in /var/db/auth.db...

EPSON Printer Controller Installer 安全漏洞

EPSON Printer Controller Installer is a printer driver installation software developed by EPSON, a Japanese company. The EPSON Printer Controller Installer has a security vulnerability, which stems from improper client authentication using the XPC protocol and incorrect execution of the macOS...

CVE-2019-25401

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...

CVE-2019-25401

Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin) has a denial-of-service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the web service, causing DoS. CVSS metrics are provided: ...

CVE-2019-25356

CVE-2019-25356 affects Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin). The admin configuration page is vulnerable to cross-site scripting via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in an authenticated user...

CVE-2019-25356 Bematech Printer MP-4200 TH Cross-Site Scripting

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...

CVE-2019-25356

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...