Vulnerabilities (CVE)

Filtered by vendor Lexmark Subscribe
Total 66 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40239 1 Lexmark 164 C2132, C2132 Firmware, Cs310 and 161 more 2023-12-10 N/A 7.5 HIGH
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.
CVE-2023-26064 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write.
CVE-2023-26067 1 Lexmark 163 B2236, B2338, B2442 and 160 more 2023-12-10 N/A 8.1 HIGH
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).
CVE-2023-26069 1 Lexmark 152 B2236, B2338, B2442 and 149 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4).
CVE-2023-26065 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 have an Integer Overflow.
CVE-2023-26070 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4).
CVE-2023-26066 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index.
CVE-2023-26068 1 Lexmark 152 B2236, B2338, B2442 and 149 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).
CVE-2023-26063 1 Lexmark 217 6500e, B2236, B2338 and 214 more 2023-12-10 N/A 9.8 CRITICAL
Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type.
CVE-2023-22960 1 Lexmark 256 B2236, B2236 Firmware, B2338 and 253 more 2023-12-10 N/A 7.5 HIGH
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
CVE-2023-23560 1 Lexmark 256 B2236, B2236 Firmware, B2338 and 253 more 2023-12-10 N/A 9.8 CRITICAL
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
CVE-2022-29850 1 Lexmark 234 B2236, B2236 Firmware, B2338 and 231 more 2023-12-10 N/A 8.1 HIGH
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
CVE-2022-24935 1 Lexmark 2 Lexmark, Lexmark Firmware 2023-12-10 5.0 MEDIUM 7.5 HIGH
Lexmark products through 2022-02-10 have Incorrect Access Control.
CVE-2021-44735 1 Lexmark 236 B2236, B2236 Firmware, B2338 and 233 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
CVE-2021-44736 1 Lexmark 2 Mc3224i, Mc3224i Firmware 2023-12-10 10.0 HIGH 9.8 CRITICAL
The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.
CVE-2021-44734 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
CVE-2021-44738 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
CVE-2021-44737 1 Lexmark 467 6500e, 6500e Firmware, B2236 and 464 more 2023-12-10 8.3 HIGH 8.8 HIGH
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
CVE-2021-35469 1 Lexmark 3 Printer Software G2, Printer Software G3, Printer Software G4 2023-12-10 7.2 HIGH 7.8 HIGH
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
CVE-2021-35449 1 Lexmark 4 G2 Driver, G3 Driver, G4 Driver and 1 more 2023-12-10 7.2 HIGH 7.8 HIGH
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. A standard low priviliged user can use the driver to execute a DLL of their choosing during the add printer process, resulting in escalation of privileges to SYSTEM.