RICOH MP C1803 JPN Cross-site Scripting (CVE-2018-17310)

On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

RICOH MP C2003 Cross-site Scripting (CVE-2018-17315)

On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

RICOH MP C406Z Cross-site Scripting (CVE-2018-17309)

On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

RICOH MP C6003 Cross-site Scripting (CVE-2018-17316)

On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

RICOH Aficio MP 301 Cross-site Scripting (CVE-2018-17312)

On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

RICOH SP C250 Series Buffer Overflow (CVE-2019-14308)

Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Affected firmware versions depend on the printer models. One affected configuration is...

DEBIAN-CVE-2024-25741

printerwrite in drivers/usb/gadget/function/fprinter.c in the Linux kernel through 6.7.4 does not properly call usbepqueue, which might allow attackers to cause a denial of service or have unspecified other impact...

Code injection

printerwrite in drivers/usb/gadget/function/fprinter.c in the Linux kernel through 6.7.4 does not properly call usbepqueue, which might allow attackers to cause a denial of service or have unspecified other impact...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.7.4 and earlier, which originates from Printerwrite in drivers/usb/gadget/functions/fprinter.c failing to correctly ca...

CentOS 8 : cups-filters (CESA-2023:3425)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3425 advisory. - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you us...

Lexmark Printer RCE Vulnerability (CVE-2023-50737)

Multiple Lexmark printer devices are prone to remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFI...

Lexmark Printer RCE Vulnerability (CVE-2023-50736)

Multiple Lexmark printer devices are prone to remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFI...

CVE-2023-6229

Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07...

CVE-2023-6231

Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07 and...

CVE-2023-6229

Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07...

VulnCheck KEV: CVE-2023-3710

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 e.g. P10.19.050006...

The vulnerability of the Printing component in the macOS operating system, which allows a hacker to alter printer settings.

The vulnerability of the Printing component in the macOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to alter printer settings...

Ricoh Printer Directory / File Exposure

Exploit Title: Ricoh Printer Directory and File Exposure Date: 9/15/2023 Exploit Author: Thomas Heverin Heverin Hacker Vendor Homepage: https://www.ricoh.com/products/printers-and-copiers Software Link: https://replit.com/@HeverinHacker/Ricoh-Printer-Directory-and-File-Findermain.py Version: Rico...

CVE-2024-23637

OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...

PYSEC-2024-29

OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...