Vulnerabilities (CVE)

Filtered by vendor Lexmark Subscribe
Filtered by product Cx820
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26069 1 Lexmark 152 B2236, B2338, B2442 and 149 more 2024-11-21 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
CVE-2023-26068 1 Lexmark 152 B2236, B2338, B2442 and 149 more 2024-11-21 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
CVE-2023-26067 1 Lexmark 163 B2236, B2338, B2442 and 160 more 2024-11-21 N/A 8.1 HIGH
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
CVE-2023-23560 1 Lexmark 256 B2236, B2236 Firmware, B2338 and 253 more 2024-11-21 N/A 9.8 CRITICAL
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
CVE-2023-22960 1 Lexmark 256 B2236, B2236 Firmware, B2338 and 253 more 2024-11-21 N/A 7.5 HIGH
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
CVE-2022-29850 1 Lexmark 234 B2236, B2236 Firmware, B2338 and 231 more 2024-11-21 N/A 8.1 HIGH
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
CVE-2021-44738 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
CVE-2021-44737 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2024-11-21 8.3 HIGH 8.8 HIGH
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
CVE-2021-44735 1 Lexmark 236 B2236, B2236 Firmware, B2338 and 233 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
CVE-2021-44734 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
CVE-2018-17944 1 Lexmark 16 Cx725h, Cx725h Firmware, Cx820 and 13 more 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change.