Filtered by vendor Lexmark
Subscribe
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40239 | 1 Lexmark | 164 C2132, C2132 Firmware, Cs310 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability. | |||||
| CVE-2023-26070 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4). | |||||
| CVE-2023-26069 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4). | |||||
| CVE-2023-26068 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). | |||||
| CVE-2023-26067 | 1 Lexmark | 163 B2236, B2338, B2442 and 160 more | 2024-11-21 | N/A | 8.1 HIGH |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). | |||||
| CVE-2023-26066 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index. | |||||
| CVE-2023-26065 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 have an Integer Overflow. | |||||
| CVE-2023-26064 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write. | |||||
| CVE-2023-26063 | 1 Lexmark | 217 6500e, B2236, B2338 and 214 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. | |||||
| CVE-2023-23560 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | |||||
| CVE-2023-22960 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2024-11-21 | N/A | 7.5 HIGH |
| Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. | |||||
| CVE-2022-29850 | 1 Lexmark | 234 B2236, B2236 Firmware, B2338 and 231 more | 2024-11-21 | N/A | 8.1 HIGH |
| Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | |||||
| CVE-2022-24935 | 1 Lexmark | 2 Lexmark, Lexmark Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Lexmark products through 2022-02-10 have Incorrect Access Control. | |||||
| CVE-2021-44738 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. | |||||
| CVE-2021-44737 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. | |||||
| CVE-2021-44736 | 1 Lexmark | 2 Mc3224i, Mc3224i Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature. | |||||
| CVE-2021-44735 | 1 Lexmark | 236 B2236, B2236 Firmware, B2338 and 233 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. | |||||
| CVE-2021-44734 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. | |||||
| CVE-2021-35469 | 1 Lexmark | 3 Printer Software G2, Printer Software G3, Printer Software G4 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path. | |||||
| CVE-2021-35449 | 1 Lexmark | 4 G2 Driver, G3 Driver, G4 Driver and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM. | |||||