CVE-2024-9423

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs...

CVE-2023-0855

Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...

CVE-2023-3711

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5...

CVE-2023-3710

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 e.g. P10.19.050006...

CVE-2023-3712

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version...

CVE-2023-38556

Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in som...

CVE-2023-6232

Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C...

CVE-2023-38607

The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings...

CVE-2023-34261

Kyocera TASKalfa 4053ci printers through 2VGS000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...

CVE-2023-34260

Kyocera TASKalfa 4053ci printers through 2VGS000.002.561 allow a denial of service service outage via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...

CVE-2023-30759

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an...

CVE-2023-23594

An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes...

CVE-2023-21028

In parseprinterAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2023-1526

Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer...

CVE-2023-1764

Canon IJ Network Tool/Ver.4.7.5 and earlier supported OS: OS X 10.9.5-macOS 13,IJ Network Tool/Ver.4.7.3 and earlier supported OS: OS X 10.7.5-OS X 10.8 allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software...

CVE-2022-43752

Oracle Solaris version 10 1/13, when using the Common Desktop Environment CDE, is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon...

CVE-2022-4894

Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element...

CVE-2022-48472

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211...

CVE-2022-48471

There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal...

CVE-2022-48255

There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution...