Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26067 | 1 Lexmark | 163 B2236, B2338, B2442 and 160 more | 2023-12-10 | N/A | 8.1 HIGH |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). | |||||
| CVE-2023-26069 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3 of 4). | |||||
| CVE-2023-26068 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). | |||||
| CVE-2023-22960 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2023-12-10 | N/A | 7.5 HIGH |
| Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. | |||||
| CVE-2023-23560 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | |||||
| CVE-2022-29850 | 1 Lexmark | 234 B2236, B2236 Firmware, B2338 and 231 more | 2023-12-10 | N/A | 8.1 HIGH |
| Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | |||||
| CVE-2021-44735 | 1 Lexmark | 236 B2236, B2236 Firmware, B2338 and 233 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. | |||||
| CVE-2021-44734 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. | |||||
| CVE-2021-44738 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. | |||||
| CVE-2021-44737 | 1 Lexmark | 467 6500e, 6500e Firmware, B2236 and 464 more | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
| PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. | |||||
| CVE-2018-17944 | 1 Lexmark | 16 Cx725h, Cx725h Firmware, Cx820 and 13 more | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
| On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change. | |||||