3863 matches found
CVE-2026-23767
CVE-2026-23767 affects ESC/POS, the printer control language from Seiko Epson. The description states there are no user authentication or command authorization mechanisms, no controls to restrict network sources/destinations, and that commands are transmitted without encryption or integrity prote...
CVE-2026-23767
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection...
SUSE CVE-2026-25797
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...
UBUNTU-CVE-2026-25797
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...
CVE-2026-2464
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...
CVE-2025-4960
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...
CVE-2025-4960 macOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller Installer
The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly enforce macOS’s...
CVE-2025-4960
CVE-2025-4960 affects macOS via the EPSON printer driver installer’s com.epson.InstallNavi.helper, which exposes privileged functionality due to improper authorization handling and weak client authentication over XPC. The API flow uses overly permissive custom rights registered in /var/db/auth.db...
EPSON Printer Controller Installer 安全漏洞
EPSON Printer Controller Installer is a printer driver installation software developed by EPSON, a Japanese company. The EPSON Printer Controller Installer has a security vulnerability, which stems from improper client authentication using the XPC protocol and incorrect execution of the macOS...
CVE-2019-25401
Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...
CVE-2019-25401
Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin) has a denial-of-service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the web service, causing DoS. CVSS metrics are provided: ...
CVE-2019-25356
CVE-2019-25356 affects Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin). The admin configuration page is vulnerable to cross-site scripting via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in an authenticated user...
CVE-2019-25356 Bematech Printer MP-4200 TH Cross-Site Scripting
Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...
CVE-2019-25356
Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...
CVE-2026-2464
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...
CVE-2026-2464 Directory Traversal in AMR Printer Management by AMR
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...
CVE-2026-2464
The CVE describes a path traversal vulnerability in the AMR Printer Management 1.01 Beta web service that is accessible without authentication and runs with elevated privileges. An attacker can supply crafted path traversal sequences to the web management interface to read arbitrary files on the ...
CVE-2026-2464 Directory Traversal in AMR Printer Management by AMR
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...
AMR Printer Management 路径遍历漏洞
AMR Printer Management is a hosting printing service software provided by AMR Printer Management Company in Spain. The AMR Printer Management 1.01 Beta version contains a path traversal vulnerability. This vulnerability stems from path traversal vulnerabilities in the web service, allowing remote...
PT-2026-20415
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is...