Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs

Overview Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. contain the following vulnerability. Out-of-bounds Write CWE-787 - CVE-2025-48499 Jia-Ju Bai, Rui-Nan Hu, Dong Zhang, and Zhen-Yu Guan of School of Cyber Science and Technology of Beihang University...

CVE-2025-48499

Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP Internet Printing Protocol or LPD Line Printer Daemon packet may cause a denial-of-service DoS condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service D...

CVE-2025-48499

CVE-2025-48499 is an out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs. A specially crafted IPP or LPD packet can cause a denial-of-service (DoS) on affected devices; recovery requires an MFP reset. Several connected sources confirm the issue and, in at least one entry, advis...

Fujifilm DocuPrint CP225w 缓冲区错误漏洞

The Fujifilm DocuPrint CP225w is a printer from Fujifilm Japan. A buffer error vulnerability exists in the Fujifilm DocuPrint CP225w, which originates from a specially crafted IPP or LPD packet that results in an out-of-bounds write, potentially leading to a denial of service...

PT-2025-31797 · Fujifilm · Fujifilm Business Innovation Mfps

Name of the Vulnerable Software and Affected Versions: FUJIFILM Business Innovation MFPs affected versions not specified Description: An out-of-bounds write issue exists in FUJIFILM Business Innovation MFPs. Sending a specially crafted Internet Printing Protocol IPP or Line Printer Daemon LPD...

The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers is related to insufficient protection for the local address book’s service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

HP Color LaserJet MFP M478-M479 / LaserJet Pro MFP M428-M429 Printers Information Disclosure Vulnerability (HPSBPI04040)

Multiple HP LaserJet Pro printers are prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREF...

HP Multiple Products Buffer Overflow (CVE-2019-6337)

For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVE-2025-3508

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information...

NewStart CGSL MAIN 7.02 : cups-filters Vulnerability (NS-SA-2025-0163)

The remote NewStart CGSL host, running version MAIN 7.02, has cups-filters packages installed that are affected by a vulnerability: - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the...

Directory Traversal

Overview MoneyPrinterTurbo is a Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video.. Affected versions of this package are vulnerable to...

Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)

Overview During security testing, Rapid7 discovered that Konica Minolta bizhub 227 Multifunction printers MFPs were vulnerable to a pass-back attack. The affected products identified were: Konica Minolta bizhub MFPs Firmware Version: GCQ-Y3 and earlier This issue has been assigned the following...

Multiple Printer Devices Information Disclosure (CVE-2024-51977)

Binary data printercve-2024-51977.nbin...

HP Universal Print Driver – Potential Denial of Service

HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older e.g., v7.3.x, v7.2.x, v7.1.x, etc.. Update your printer software...

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

CVE-2024-51983 Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...

PT-2025-26815 · Brother Industries +2 · Dcp-7090Dw +199

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker...

PT-2025-26810 · Unknown · Network Printer

Name of the Vulnerable Software and Affected Versions: Brother, FUJIFILM, RICOH, Toshiba Tec, and Konica Minolta Printers affected versions not specified Description: An unauthenticated attacker with access to the HTTP service TCP port 80, HTTPS service TCP port 443, or IPP service TCP port 631 c...