3863 matches found
Canon LBP7110Cw Authentication Bypass
Exploit Title: Canon LBP7110Cw - Authentication Bypass Date: 2018-06-07 Exploit Author: Huy Kha Vendor Homepage: http://global.canon.com Version: LBP7110Cw CVE: CVE-2018-12049 Severity: High Leads to full System Manager Mode account take-over Description : A remote attacker can bypass the...
PT-2018-10969 · Canon · Canon Lbp7110Cw
Name of the Vulnerable Software and Affected Versions: Canon LBP7110Cw affected versions not specified Description: A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for "/checkLogin.cgi" via vectors involving "/portal top.html" to get full access...
Canon LBP6030w Access Control Vulnerability
The Canon LBP6030w is a color laser printer device from Canon Japan. A security vulnerability exists in the web interface of the Canon LBP6030w. The vulnerability can be exploited by an attacker to bypass System Manager Mode and gain full access to the device without a PIN...
Canon LBP7110Cw Access Control Vulnerability
The Canon LBP7110Cw is a color laser printer device from Canon Japan. A security vulnerability exists in the web interface in the Canon LBP7110Cw. The vulnerability can be exploited by an attacker to bypass the administrative mode and gain full access to the device without a PIN...
Brother HL Series Printer XSS Vulnerability
Brother HL Series Printer is prone to a cross site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Canon MF210/MF220 Series Printers Access Bypass Vulnerability (Apr 2018)
Canon MF210/MF220 Series Printers are prone to an access bypass vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...
Samba Printer Server spoolss Denial Of Service (CVE-2018-1050)
A Denial Of Service vulnerability exists in Samba Printer Service. The vulnerability is due to improper validation of user input...
Brother HL-L2340D / HL-L2380DW Cross Site Scripting
Exploit Title: XSS at Brother HL-L2340D & HL-L2380DW series Date: 30.05.2018 Exploit Author: Huy Kha Vendor Homepage: http://support.brother.com Software Link: Website Version: HL-L2340D & HL-L2380DW series Tested on: Mozilla FireFox Reflected XSS Payload : "--!" Description : Starting searching...
Microsoft Windows: Devices: Prevent users from installing printer drivers
This test checks the setting for policy OpenVAS Vulnerability Test $Id: windevicespreventusersprinterdrivers.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Devices: Prevent users from installing printer drivers Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
printerdriverforwindows.com XSS vulnerability
Open Bug Bounty ID: OBB-619577 Description| Value ---|--- Affected Website:| printerdriverforwindows.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-10326
PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the 1 department field in the printer configuration, 2 description field in the print server configuration, and 3 username field for authentication to print as guest...
[SECURITY] Fedora 26 Update: ghostscript-9.20-11.fc26
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
MS07-017: Vulnerability in GDI could allow remote code execution
MS07-017: Vulnerability in GDI could allow remote code execution Microsoft has released security bulletin MS07-017. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the comple...
Debian: Security Advisory (DLA-1288-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3577-1 cups vulnerability
Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could potentially exploit this to obtain sensitive information...
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...
Crlf injection
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...
CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...
UBUNTU-CVE-2017-15400
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...