Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40239 | 1 Lexmark | 164 C2132, C2132 Firmware, Cs310 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.
|
|||||
| CVE-2021-44738 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
|
|||||
| CVE-2021-44737 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
|
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
|
|||||
| CVE-2021-44734 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
|
|||||
| CVE-2020-10094 | 1 Lexmark | 160 6500e, 6500e Firmware, C734 and 157 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 before LW74.PRL.P273; MS315, MS415, MS417 before LW74.TL2.P273; MS51x, MS610dn, MS617 before LW74.PR2.P273; M1145, M3150dn before LW74.PR2.P273; MS610de, M3150 before LW74.PR4.P273; MS71x,M5163dn before LW ...
Show More |
|||||
| CVE-2020-10093 | 1 Lexmark | 160 6500e, 6500e Firmware, C734 and 157 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products.
|
|||||
| CVE-2019-9933 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Various Lexmark products have a Buffer Overflow (issue 3 of 3).
|
|||||
| CVE-2019-9932 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Various Lexmark products have a Buffer Overflow (issue 2 of 3).
|
|||||
| CVE-2019-9931 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device.
|
|||||
| CVE-2019-9930 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Various Lexmark products have an Integer Overflow.
|
|||||
| CVE-2019-6489 | 1 Lexmark | 80 6500e, 6500e Firmware, Cx310 and 77 more | 2024-11-21 | 6.4 MEDIUM | 5.3 MEDIUM |
|
Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts.
|
|||||
| CVE-2019-19773 | 1 Lexmark | 160 6500e, 6500e Firmware, C734 and 157 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
|
|||||
| CVE-2019-19772 | 1 Lexmark | 160 6500e, 6500e Firmware, C734 and 157 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
|
|||||
| CVE-2019-18791 | 1 Lexmark | 160 6500e, 6500e Firmware, C734 and 157 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.
|
|||||
| CVE-2019-10059 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
|
|||||
| CVE-2019-10058 | 1 Lexmark | 148 6500e, 6500e Firmware, C734 and 145 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Various Lexmark products have Incorrect Access Control.
|
|||||
| CVE-2018-18894 | 1 Lexmark | 98 6500e, 6500e Firmware, C748 and 95 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server.
|
|||||