Lucene search
K

87 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.5 views

SHARP MFPs Cross-Site Scripting (CVE-2024-47801)

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. This plugin only works with Tenable.ot...

7.4CVSS5.1AI score0.00338EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.7 views

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-43424)

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.5CVSS5.4AI score0.00729EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.3 views

SHARP MFPs Authentication Bypass (CVE-2024-47406)

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

9.8CVSS5.5AI score0.00599EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.5 views

SHARP MFPs HTTP Header Injection (CVE-2024-47549)

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. This plugin only works wi...

7.4CVSS5.5AI score0.00338EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.6 views

SHARP MFPs Traversal Vulnerability (CVE-2024-45842)

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

5.3CVSS5.4AI score0.00541EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.5 views

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-42420)

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...

7.5CVSS5.5AI score0.00729EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.6 views

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-45829)

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...

7.5CVSS5.5AI score0.00685EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-2042

Malware in sbrugna...

6.8CVSS6.4AI score0.01148EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-39614

Malicious code in bioql PyPI...

7.5CVSS9AI score0.00729EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-42435

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00599EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-42693

Malicious code in bioql PyPI...

7.4CVSS9.1AI score0.00338EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41622

Malicious code in bioql PyPI...

7.5CVSS9.1AI score0.00685EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-42518

Malicious code in bioql PyPI...

7.4CVSS9AI score0.00338EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36336

Malicious code in bioql PyPI...

7.5CVSS9AI score0.00689EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/25 7:28 a.m.5 views

CVE-2024-51984 Authenticated disclosure of external service passwords via pass-back attack affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...

6.8CVSS7.2AI score0.00846EPSS
Exploits0References10
CVE
CVE
added 2025/06/25 7:28 a.m.22 views

CVE-2024-51984

CVE-2024-51984 describes an authentication-based credential disclosure risk affecting multiple Brother-branded devices and peers (Konica Minolta, FUJIFILM, Ricoh, Toshiba Tec) via pass-back to external services. An authenticated attacker can reconfigure a target device to use an attacker-controll...

6.8CVSS7.2AI score0.00846EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/06/25 7:28 a.m.13 views

CVE-2024-51984 Authenticated disclosure of external service passwords via pass-back attack affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...

6.8CVSS0.00846EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/06/25 7:26 a.m.7 views

CVE-2024-51983 Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...

7.5CVSS7.3AI score0.07466EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/06/25 7:26 a.m.23 views

CVE-2024-51983 Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker who can connect to the Web Services feature HTTP TCP port 80 can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...

7.5CVSS0.07466EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/06/25 7:23 a.m.7 views

CVE-2024-51981 Unauthenticated Server Side Request Forgery (SSRF) via WS-Eventing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a blind server side request forgery SSRF, due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control al...

5.3CVSS7.5AI score0.00822EPSS
Exploits0References10
Rows per page
Query Builder