Canon Printer Detection Consolidation

Consolidation of Canon Printer device detections. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Caldera Access Control Error Vulnerability (CNVD-2022-08044)

Caldera is a suite of software from Caldera France that provides color management, imaging and processing solutions for printer devices. Caldera suffers from an Access Control Error vulnerability in version 2.8.1 and earlier, which stems from the software's failure to properly segregate user...

KING JIM Label printer 访问控制错误漏洞

KING JIM Label printer is a label printer from KING JIM Japan. An access control error vulnerability exists in the KING JIM Label printer, which stems from the product not adding adequate protection for credentials. An attacker could use this vulnerability to obtain credentials, connect to a Wi-F...

CVE-2021-34086

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. They do not verify incoming requests...

Code injection

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page...

CVE-2021-34086

CVE-2021-34086 affects Ultimaker S3/S5 and Ultimaker 3 (S-line up to 6.3; 3 through 5.2.16) where the local webserver exposes APIs that are vulnerable to CSRF due to lack of request verification. Root cause: insufficient CSRF protection on the local webserver APIs. Impact: CVSS3.1/AV:N/AC:L/PR:N/...

CVE-2021-34087

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page...

CVE-2021-34087

The CVE-2021-34087 entry describes a clickjacking vulnerability in the local webserver of Ultimaker printers. Affected products: Ultimaker S3, Ultimaker S5, and Ultimaker 3 family (S-line through firmware 6.3; Ultimaker 3 through 5.2.16). The issue is specifically on the settings page of the loca...

Exploit for Insufficiently Protected Credentials in Samsung Syncthru_Web_Service

CVE-2021-42913 Samsung Printer SCX-6X55X Improper Ac...

CVE-2021-42913

The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required...

Authentication flaw

The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required...

Samsung Printer Scx-6x55x 安全漏洞

The Samsung Printer Scx-6x55x is a laser multifunction printer from Samsung South Korea. A security vulnerability exists in the Samsung Printer Scx-6x55x, which originates in the product's SyncThru Web service that allows access to SMB user lists and plaintext passwords via HTML source code...

The vulnerability of HP LaserJet, PageWide, Scanjet Enterprise, and LaserJet Managed printer microprogramming software lies in the execution of operations beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of HP LaserJet, PageWide, Scanjet Enterprise, and LaserJet Managed printer microprogramming software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

December 14, 2021—KB5008206 (OS Build 18363.1977)

December 14, 2021—KB5008206 OS Build 18363.1977 EXPIRATION NOTICE As of 9/12/2023, KB5008206 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...

December 14, 2021—KB5008255 (Security-only update)

December 14, 2021—KB5008255 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July...

December 14, 2021—KB5008285 (Security-only update)

December 14, 2021—KB5008285 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended suppor...

December 14, 2021—KB5008277 (Monthly Rollup)

December 14, 2021—KB5008277 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020,...

December 14, 2021—KB5008282 (Security-only update)

December 14, 2021—KB5008282 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached th...

December 14, 2021—KB5008207 (OS Build 14393.4825) - EXPIRED

December 14, 2021—KB5008207 OS Build 14393.4825 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5008207 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- 11/9/202...

Canon LBP223 Licensing Issue Vulnerability

Canon LBP223 is a printer from Canon Japan. The Canon LBP223 printer has an authorization issue vulnerability, which stems from the fact that the LBP223 printer system management mode login does not require an account password or PIN. attackers can use this vulnerability to enter the background a...