CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS6AI score0.00364EPSS

Exploits0References1

Cisco Threats•added 2014/04/02 3:30 p.m.•14 views

Threat Outbreak Alert: Fake Scanned Document Notification Email Messages on April 2, 2014

Medium Alert ID: 33620 First Published: 2014 April 2 15:30 GMT Last Updated: 2014 April 4 14:02 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a scanned document for the recipient. The text in the email message attempts...

0.1AI score

Exploits0

Cisco Threats•added 2013/03/26 1:15 p.m.•12 views

Threat Outbreak Alert: Fake Scanned Document Attachment Email Messages on November 26, 2013

Medium Alert ID: 28724 First Published: 2013 March 26 13:15 GMT Last Updated: 2013 November 27 15:41 GMT Version: 38 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a scanned document sent from a Xerox WorkCentre Pro device for the...

1.3AI score

Exploits0

Cisco Threats•added 2012/03/06 6:23 p.m.•179 views

Threat Outbreak Alert: Fake Xerox Scan Attachment Email Messages on May 6, 2015

Medium Alert ID: 25325 First Published: 2012 March 6 18:23 GMT Last Updated: 2015 May 6 12:23 GMT Version: 75 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a scanned document from a Xerox WorkCentre Pro device. The text in the email...

0.2AI score

Exploits0

CVE•added 2009/05/16 6:0 p.m.•54 views

CVE-2009-1656

The CVE-2009-1656 entry pertains to Xerox WorkCentre/WorkCentre Pro devices: models 232, 238, 245, 255, 265, 275 and 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, 7675. Documented issue: a remote command-injection vulnerability in the device web server that allows arbitrary commands to be...

10CVSS8.2AI score0.07735EPSS

Exploits0References7Affected Software1

ATTACKERKB•added 2008/06/23 5:41 p.m.•1 views

CVE-2008-2825

Cross-site scripting XSS vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, and 133 and WorkCentre Pro 123, 128, and 133 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00475EPSS

Exploits0References7

NVD•added 2006/12/11 6:28 p.m.•11 views

CVE-2006-6470

The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of the advisory, it is not clear whether this is...

10CVSS6.5AI score0.00402EPSS

Exploits0References2

NVD•added 2006/12/11 6:28 p.m.•14 views

CVE-2006-6473

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to 1 an Immediate Image Overwrite IIO error message at the Local User Interface LUI if overwri...

10CVSS6.8AI score0.00357EPSS

Exploits0References2

NVD•added 2006/12/11 6:28 p.m.•12 views

CVE-2006-6467

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not properly restrict access to SMB file resources, which allows remote attackers to gain unspecified file or directory access via vectors related to 1 visibility of the SMB "Home...

5.8CVSS6.9AI score0.00202EPSS

Exploits0References2

NVD•added 2006/12/11 6:28 p.m.•12 views

CVE-2006-6468

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not check the Fully Qualified Domain Name FQDN during a "Validate Repository SSL Certificate" scan, which has unknown impact and attack vectors, possibly related to spoofed...

5.8CVSS6.6AI score0.00051EPSS

Exploits0References2

NVD•added 2006/12/11 6:28 p.m.•12 views

CVE-2006-6469

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not block the postgres port 5432/tcp, which has unknown impact and remote attack vectors, probably related to unauthorized connections to a PostgreSQL daemon...

5.8CVSS6.6AI score0.00095EPSS

Exploits0References2

CVE•added 2006/12/11 6:0 p.m.•45 views

CVE-2006-6471

Xerox WorkCentre and WorkCentre Pro betroffen: Versionen vor 12.050.03.000, 13.x vor 13.050.03.000 und 14.x vor 14.050.03.000 verwenden schwache Berechtigungen für bestimmte Dateien, was unkontrollierten Zugriff auf diese Dateien ermöglicht. Die Schwachstelle ergibt sich aus den Dateiberechtigung...

10CVSS7.1AI score0.00304EPSS

Exploits0References2Affected Software1

CVE•added 2006/12/11 6:0 p.m.•41 views

CVE-2006-6469

CVE-2006-6469 affects Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000. The issue is that these devices do not block the PostgreSQL port 5432/tcp, which could permit unauthorized connections to a PostgreSQL daemon. The available do...

5.8CVSS7AI score0.00095EPSS

Exploits0References2Affected Software1

CVE•added 2006/12/11 6:0 p.m.•55 views

CVE-2006-6472

The CVE-2006-6472 entry relates to the httpd.conf configuration in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000, where port 443 is configured to be always active. This describes a configuration issue with unknown impact and rem...

10CVSS7AI score0.00402EPSS

Exploits0References2Affected Software1