Filtered by vendor Lexmark
Subscribe
Total
57 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23560 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2023-02-08 | N/A | 9.8 CRITICAL |
| In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | |||||
| CVE-2023-22960 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2023-02-06 | N/A | 7.5 HIGH |
| Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. | |||||
| CVE-2022-29850 | 1 Lexmark | 234 B2236, B2236 Firmware, B2338 and 231 more | 2022-09-30 | N/A | 8.1 HIGH |
| Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | |||||
| CVE-2022-24935 | 1 Lexmark | 2 Lexmark, Lexmark Firmware | 2022-05-09 | 5.0 MEDIUM | 7.5 HIGH |
| Lexmark products through 2022-02-10 have Incorrect Access Control. | |||||
| CVE-2017-2806 | 1 Lexmark | 1 Perceptive Document Filters | 2022-04-19 | 4.3 MEDIUM | 3.3 LOW |
| An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 | |||||
| CVE-2017-2821 | 1 Lexmark | 1 Perceptive Document Filters | 2022-04-19 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable use-after-free exists in the PDF parsing functionality of Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in direct code execution. | |||||
| CVE-2017-2822 | 1 Lexmark | 1 Perceptive Document Filters | 2022-04-19 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A maliciously crafted PDF file can be used to trigger this vulnerability. | |||||
| CVE-2021-44734 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2022-03-17 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. | |||||
| CVE-2021-44737 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2022-03-17 | 8.3 HIGH | 8.8 HIGH |
| PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. | |||||
| CVE-2021-44735 | 1 Lexmark | 236 B2236, B2236 Firmware, B2338 and 233 more | 2022-03-17 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. | |||||
| CVE-2021-44736 | 1 Lexmark | 2 Mc3224i, Mc3224i Firmware | 2022-03-17 | 10.0 HIGH | 9.8 CRITICAL |
| The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature. | |||||
| CVE-2021-44738 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2022-03-04 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. | |||||
| CVE-2021-35449 | 1 Lexmark | 4 G2 Driver, G3 Driver, G4 Driver and 1 more | 2021-09-20 | 7.2 HIGH | 7.8 HIGH |
| The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM. | |||||
| CVE-2019-9931 | 1 Lexmark | 142 6500e, 6500e Firmware, C734 and 139 more | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. | |||||
| CVE-2017-13771 | 1 Lexmark | 1 Scan To Network | 2021-07-20 | 5.0 MEDIUM | 9.8 CRITICAL |
| Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet. | |||||
| CVE-2021-35469 | 1 Lexmark | 3 Printer Software G2, Printer Software G3, Printer Software G4 | 2021-07-19 | 7.2 HIGH | 7.8 HIGH |
| The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path. | |||||
| CVE-2019-10058 | 1 Lexmark | 148 6500e, 6500e Firmware, C734 and 145 more | 2020-08-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| Various Lexmark products have Incorrect Access Control. | |||||
| CVE-2019-9935 | 1 Lexmark | 50 Cs31x, Cs31x Firmware, Cs41x and 47 more | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Various Lexmark products have Incorrect Access Control (issue 2 of 2). | |||||
| CVE-2019-9934 | 1 Lexmark | 50 Cs31x, Cs31x Firmware, Cs41x and 47 more | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Various Lexmark products have Incorrect Access Control (issue 1 of 2). | |||||
| CVE-2019-6489 | 1 Lexmark | 80 6500e, 6500e Firmware, Cx310 and 77 more | 2020-08-24 | 6.4 MEDIUM | 5.3 MEDIUM |
| Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts. | |||||