Integer overflow
Some Kyocera printers such as the ECOSYS M5526cdw 2R7_2000.001.701 were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or...
CVE-2019-13172
CVE-2019-13172 concerns a buffer overflow vulnerability in the Authentication Cookie of the web application on some Xerox printers (e.g., Phaser 3320 with firmware 53.006.16.000). The underlying issue allows an attacker to execute arbitrary code on the device. Documents consistently describe the ...
CVE-2019-13195
The CVE-2019-13195 entry describes a path traversal vulnerability in the web application of Kyocera ECOSYS M5526CDW (e.g., 2R7_2000.001.701). The vulnerability allows an unauthenticated user to retrieve arbitrary files or check for file/folder existence outside a restricted directory due to insuf...
CVE-2019-13197
CVE-2019-13197 affects Kyocera ECOSYS M5526CDW and similar printers. A buffer overflow in the URI paths of the web application allows an unauthenticated attacker to perform a Denial of Service and, potentially, execute arbitrary code on the device. Affected version reference observed is 2R7_2000....
CVE-2019-13197
Some Kyocera printers such as the ECOSYS M5526cdw 2R7_2000.001.701 were affected by a buffer overflow vulnerability in the URI paths of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code...
CVE-2019-13198
The web application of several Kyocera printers such as the ECOSYS M5526cdw 2R7_2000.001.701 was affected by Stored XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions...
CVE-2019-13199
Some Kyocera printers such as the ECOSYS M5526cdw 2R7_2000.001.701 did not implement any mechanism to avoid CSRF. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device...
CVE-2019-13201
CVE-2019-13201 affects Kyocera printers, notably the ECOSYS M5526cdw (2R7_2000.001.701). The underlying flaw is a buffer overflow in the LPD service, which allows an unauthenticated attacker to cause a Denial of Service and potentially execute arbitrary code on the device. The available documents...
CVE-2019-13204
CVE-2019-13204 affects Kyocera ECOSYS M5526CDW (example 2R7_2000.001.701) via multiple buffer overflow flaws in the IPP service. The underlying issue is in the IPP component, leading to unauthenticated DoS and potential arbitrary code execution on the device. The connected records corroborate the...
CVE-2019-13204
Some Kyocera printers such as the ECOSYS M5526cdw 2R7_2000.001.701 were affected by multiple buffer overflow vulnerabilities in the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS), and potentially execute arbitrary code on the device...
VMware Workstation Virtual Printer External Control of File Name Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Virtual Print...
Microsoft Windows Printer Device Context Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
RICOH Aficio Printer Command Injection (CVE-2019-11845)
A command injection vulnerability exists in RICOH Aficio Printer. Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary system commands on the affected system...
Update 15.4 for Microsoft Dynamics 365 Business Central 2019 Release Wave 2 (Application Build 15.4.41345, Platform Build 15.0.41271)
This article applies to Microsoft Dynamics 365 Business Central 2019 Release Wave 2 for all countries and all language locales. A remote code execution vulnerability...
The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers stems from the use of an assert() or similar operator function, which allows a malicious actor to trigger a service failure.
The vulnerability of Microprogrammed Software in HP PageWide and HP OfficeJet Pro printers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created file...
The vulnerability of microprogrammed software in HP PageWide and HP OfficeJet Pro printers arises from the use of an operator like “assert()”, which allows a malicious actor to trigger a service failure or gain unauthorized access to protected information.
The vulnerability of Microprogrammed Software in HP PageWide and HP OfficeJet Pro printers is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow attackers to cause malfunctions during maintenance or gain unauthorized access to protected...
RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection
Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
RICOH Aficio SP 5210SF Printer - (entryNameIn) HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/rc3/model/sp52s/sp52s.htm?lang=es...
RICOH Aficio SP 5200S Printer HTML Injection
Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re2/model/sp52s/sp52s.htm Product Version: RICOH Aficio SP 5200S Printer...
RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection
Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...