TencentOS Server 2: cups-filters (TSSA-2024:0529)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0529 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVE-2025-48067

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows an attacker with the FILEUPLOAD permission to exfiltrate files from the host that OctoPrint has read access to, by moving them into the...

Command Execution Vulnerability in Brother Technology Corporation HL-L2360D series

The HL-L2360D series is a line of compact monochrome laser printers, with key models such as the HL-L2360DW. A command execution vulnerability exists in the Brother Technology Corporation HL-L2360D series, which can be exploited by an attacker to execute commands...

Lexmark Printer Path Traversal and Concurrent Execution Vulnerability (CVE-2025-1127)

Multiple Lexmark printer devices are prone to a path traversal and concurrent execution vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2025-40653

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

(Pwn2Own) Canon imageCLASS MF656Cdw sfpcmAuthenticateSecAdmin Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sfpcmAuthenticateSecAdmin function. The issue results...

Citrix Session Printers are not mapped after logon

Unable to connect the printer from user end. Session printers are not mapped with following event in the Application event log: Event id: 1105 Cloud not add printer connection to printer \\, for the user username. Error condition is: The Printer name is invalid...

CVE-2025-40653

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

CVE-2025-40653

CVE-2025-40653 : Affects M3M Printer Server Web. In authentication, a difference in error messages can reveal whether a username is valid, enabling an attacker to perform username enumeration and brute-force attempts. Documents do not specify affected versions, root cause details beyond the valid...

CVE-2025-40653 User enumeration in M3M Printer Server Web

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

CVE-2025-40653 User enumeration in M3M Printer Server Web

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

A week in security (May 19 – May 25)

Last week on Malwarebytes Labs: Lumma information stealer infrastructure disrupted Stalkerware apps go dark after data breach Scammers are using AI to impersonate senior officials, warns FBI 23andMe and its customers’ genetic data bought by a pharmaceutical org Malware-infected printer delivered...

CVE-2025-2146

Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera MF656Cdw/Satera MF654Cdw/Satera...

M3M Printer Server Web 安全漏洞

M3M Printer Server Web is a print service Web page from M3M. A security vulnerability exists in M3M Printer Server Web that stems from a user enumeration issue that could lead to a brute force attack...

PT-2025-22895 · Unknown · M3M Printer Server Web

Name of the Vulnerable Software and Affected Versions: M3M Printer Server Web affected versions not specified Description: A user enumeration issue exists in the user authentication process, where differing error messages could allow an attacker to determine if a username is valid, potentially...

CVE-2025-2146

A network-reachable buffer overflow in the WebService Authentication processing of Canon Office/Small Office Multifunction Printers and Laser Printers (Canon, Satera) is identified as CVE-2025-2146. Affected models include Canon Color imageCLASS and imageCLASS lines, Satera variants, and i-SENSYS...

CVE-2024-41995

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers...

CVE-2024-0794

Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file...

CVE-2024-6620

Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site scripting vulnerability. An attacker could potentially inject malicious code which may lead to information disclosure, session theft, or client-side request forgery. Honeywell recommends updating to...

CVE-2024-6004

A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted...