CVE-2022-3429

Summary: CVE-2022-3429 is described as a denial-of-service in Lenovo printer firmware caused by sending illegal or malformed strings to an open port, leading to a display error and printer unavailability. Affected product/area: Lenovo printers (firmware). What is vulnerable: Input handling on an ...

CVE-2022-34887

CVE-2022-34887 affects Lenovo Printers where standard users can directly operate and set printer configuration information (e.g., IP) without authenticating the administrator password. Public records describe this as a network-accessible issue with low privileges required and no user interaction,...

PT-2023-13434 · Lenovo · Lenovo Printers

Name of the Vulnerable Software and Affected Versions: Lenovo Printers affected versions not specified Description: The issue allows standard users to directly operate and set printer configuration information, such as IP, in some Lenovo Printers without having to authenticate with the...

PT-2023-13356 · Lenovo · Lenovo Printers

Name of the Vulnerable Software and Affected Versions: Lenovo printers affected versions not specified Description: A denial-of-service issue was found in the firmware used in Lenovo printers. It occurs when users send illegal or malformed strings to an open port, triggering a denial of service...

The vulnerability of the printer web page module (ARM) of Honeywell PM43, which allows a intruder to execute arbitrary commands

The vulnerability of the printer web page module ARM of Honeywell PM43 is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

CWA Mac unable to print after macOS Sonoma upgrade: "Printer not activated. Error code -41"

Post macOS upgrade to Sonoma, Citrix Workspace App for Mac users with locally attached printers will receive an error message: "Printer not activated. Error code -41 " when attempting to print...

Authentication flaw

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

CVE-2023-4957 Authentication Bypass on Zebra ZTC

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

CVE-2023-4957

CVE-2023-4957 affects Zebra Technologies ZTC industrial printers (ZT410) and GK420d desktop models. A authentication-bypass flaw allows an attacker on the same network to alter web-page credentials by sending a crafted POST to setvarsResults.cgi when the printer’s protected mode is disabled. Repo...

printer-ciss-cartridge.ru Cross Site Scripting vulnerability OBB-3739599

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Caracal - Static Analyzer For Starknet Smart Contracts

Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo code Printers to report information Taint analysis Data flow analysis framework Easy to run in Scarb projects Installation Precompiled binaries Precompiled...

SATO America CL4NX License Issue Vulnerability

The SATO America CL4NX is a printer from SATO America. An authorization issue vulnerability exists in SATO America CL4NX version 1.13.2-u455r2, which stems from the presence of an improper authentication vulnerability...

SATO America CL4NX Path Traversal Vulnerability

The SATO America CL4NX is a printer from SATO America. A path traversal vulnerability exists in the SATO America CL4NX version 1.13.2-u455r2, which stems from the fact that the parameter full in the file /rest/dir/ causes path traversal...

Fedora: Security Advisory for libppd (FEDORA-2023-52aa3d1a4f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: libppd-2.0~rc2-4.fc39

Libppd provides all PPD related function/API which is going to be removed from CUPS 3.X, but are still required for retro-fitting support of legacy printers. The library is meant only for retro-fitting printer applications, any new printer drivers have to be written as native printer application...

PT-2023-8479 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14 Description: The issue is related to inadequate access control in the Printing component of the macOS operating system. It may allow an app to modify Printer settings. The issue was addressed with improved handling ...

CVE-2023-2508

The PaperCutNG Mobility Print version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host in the "configure printer discovery" section. This is possible because the application has no protections against CSRF...

Cross site request forgery (csrf)

The PaperCutNG Mobility Print version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host in the "configure printer discovery" section. This is possible because the application has no protections against CSRF...

CVE-2023-2508 CSRF in PaperCutNG Mobility Print leads to sophisticated phishing

The PaperCutNG Mobility Print version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host in the "configure printer discovery" section. This is possible because the application has no protections against CSRF...

UBUNTU-CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...