Kyocera Command Center RX Path Traversal Vulnerability
Kyocera Command Center RX is a centralized printer management tool from Kyocera, Japan. The product is primarily used to manage and monitor printers on a local area network (LAN). A path traversal vulnerability exists in Kyocera Command Center RX that stems from the presence of directory traversal,...
CVE-2021-33945
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerabili...
CVE-2019-18203
On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameters to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2019-20457
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface password hash can be retrieved without authentication, because the response header of any failed login attempt returns an incomplete authorization cookie. The value of the authorization cookie is the MD...
CVE-2024-34329
Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allow unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload...
CVE-1999-0061
File creation and deletion, and remote execution, in the BSD line printer daemon lpd...
CVE-2024-2209
A user with administrative privileges can create a compromised DLL file of the same name as the original DLL within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory, which can lead to potential arbitrary code execution...
CVE-2025-1268
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2...
OESA-2025-2886 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free. We currently call arm64_mm_context_put without holding a reference to the mm, which can result in use-after-free. Call...
SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow
Overview: Web Config is software installed on multiple SEIKO EPSON printers which allows users to check the status and change the settings via a web browser. Web Config contains the following vulnerability. Stack-based buffer overflow (CWE-121) - CVE-2025-66635. Shogo Iyota of GMO Cybersecurity by...
CVE-2025-9457
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
Honeywell PM43 Industrial Printers Files or Directories Accessible to External Parties (CVE-2023-3712)
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Privilege Escalation. This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version...
Honeywell PM43 Industrial Printers Session Fixation (CVE-2023-3711)
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Session Credential Falsification through Prediction. This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5...
CVE-2025-9457 PRT File Parsing Memory Corruption Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-9453 PRT File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
PT-2025-51344
Name of the Vulnerable Software and Affected Versions: Autodesk products (affected versions not specified). Description: A specially designed PRT file, when processed by certain Autodesk products, can lead to a memory corruption issue. An attacker could potentially exploit this to run code without...
CLSA-2025-1765463952 cups: Fix of CVE-2025-58364
CVE-2025-58364: fix unsafe deserialization and validation of printer attributes causing null dereference...
CLSA-2025-1765477018 cups: Fix of CVE-2025-58364
CVE-2025-58364: fix deserialization and validation issue in printer attributes to prevent null dereference...
CLSA-2025-1765476676 cups: Fix of CVE-2025-58364
CVE-2025-58364: fix unsafe deserialization and validation of printer attributes causing null dereference...
New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment
Multifunction printers (MFPs) do far more than print. They scan, email, fax, store, and authenticate. That convenience comes with risk. Our latest report, Understanding Multifunction Printer (MFP) Security within the Enterprise Business Environment, from Rapid7’s Deral Heiland, Principal Security...