Vendor CVEs
Canon
All CVEs
92 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2184 | Cri | 0.64 | 9.8 | 0.01 | Mar 11, 2024 | Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C… | ||
| CVE-2018-12049 | Cri | 0.64 | 9.8 | 0.05 | Jun 8, 2018 | A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps… | ||
| CVE-2018-12048 | Cri | 0.64 | 9.8 | 0.05 | Jun 8, 2018 | A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the… | ||
| CVE-2018-11711 | Cri | 0.64 | 9.8 | 0.05 | Jun 4, 2018 | A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a… | ||
| CVE-2018-11692 | Cri | 0.64 | 9.8 | 0.05 | Jun 4, 2018 | An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a… | ||
| CVE-2025-1268 | Cri | 0.61 | 9.4 | 0.01 | Mar 31, 2025 | Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer… | ||
| CVE-2025-11843 | Hig | 0.57 | — | 0.00 | Oct 31, 2025 | Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API… | ||
| CVE-2025-3079 | Hig | 0.57 | 8.7 | 0.01 | May 20, 2025 | A passback vulnerability which relates to office/small office multifunction printers and laser printers. | ||
| CVE-2026-32679 | Hig | 0.51 | 7.8 | 0.00 | Apr 23, 2026 | The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a… | ||
| CVE-2025-47422 | Hig | 0.49 | 7.5 | 0.00 | Jul 8, 2025 | Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM.… | ||
| CVE-2026-9261 | Med | 0.44 | 6.8 | 0.00 | Jun 16, 2026 | Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||
| CVE-2026-1585 | Med | 0.44 | 6.7 | 0.00 | Feb 27, 2026 | An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service. | ||
| CVE-2018-12111 | Med | 0.43 | 6.1 | 0.02 | Jun 11, 2018 | Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI. | ||
| CVE-2026-9262 | Med | 0.42 | 6.5 | 0.00 | Jun 16, 2026 | Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||
| CVE-2026-9259 | Med | 0.42 | 6.5 | 0.00 | Jun 16, 2026 | Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||
| CVE-2026-9258 | Med | 0.42 | 6.5 | 0.00 | Jun 16, 2026 | Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||
| CVE-2026-9260 | Med | 0.40 | 6.2 | 0.00 | Jun 16, 2026 | Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||
| CVE-2025-9903 | Med | 0.38 | 5.9 | 0.00 | Sep 29, 2025 | Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer… | ||
| CVE-2025-7698 | Med | 0.38 | 5.9 | 0.00 | Sep 29, 2025 | Out-of-bounds read vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer… | ||
| CVE-2025-9904 | Med | 0.34 | 5.3 | 0.00 | Sep 29, 2025 | Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2… | ||
| CVE-2025-0236 | Med | 0.34 | 5.3 | 0.01 | Feb 26, 2025 | Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver. | ||
| CVE-2025-0235 | Med | 0.34 | 5.3 | 0.01 | Feb 26, 2025 | Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver. | ||
| CVE-2025-0234 | Med | 0.34 | 5.3 | 0.01 | Feb 26, 2025 | Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver. | ||
| CVE-2026-6892 | Med | 0.33 | 5.0 | 0.00 | May 29, 2026 | Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have… | ||
| CVE-2026-6891 | Med | 0.33 | 5.0 | 0.00 | May 29, 2026 | Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not… | ||
| CVE-2025-5995 | Med | 0.30 | — | 0.00 | Jun 26, 2025 | Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a malicious user. An attacker could modify the directory, potentially resulting… | ||
| CVE-2006-1185 | 0.09 | — | 0.70 | Apr 11, 2006 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | |||
| CVE-2006-1188 | 0.08 | — | 0.57 | Apr 11, 2006 | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | |||
| CVE-2006-1192 | 0.06 | — | 0.31 | Apr 11, 2006 | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address… | |||
| CVE-2006-7065 | 0.05 | — | 0.20 | Mar 2, 2007 | Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. | |||
| CVE-2013-4615 | 0.04 | — | 0.16 | Jun 21, 2013 | The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to… | |||
| CVE-2006-3354 | 0.04 | — | 0.17 | Jul 6, 2006 | Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. | |||
| CVE-2021-38085 | 0.03 | — | 0.01 | Aug 11, 2021 | The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of… | |||
| CVE-2019-14339 | 0.03 | — | 0.05 | Sep 5, 2019 | The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords… | |||
| CVE-2013-4614 | 0.03 | — | 0.03 | Jun 21, 2013 | English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of… | |||
| CVE-2021-38154 | 0.01 | — | 0.04 | Aug 29, 2021 | Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail… | |||
| CVE-2006-2900 | 0.01 | — | 0.13 | Jun 7, 2006 | Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those… | |||
| CVE-2005-4827 | 0.01 | — | 0.11 | Dec 31, 2005 | Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return… | |||
| CVE-2025-14236 | 0.00 | — | 0.01 | Jan 15, 2026 | Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series… | |||
| CVE-2025-14234 | 0.00 | — | 0.01 | Jan 15, 2026 | Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series… | |||
| CVE-2025-14233 | 0.00 | — | 0.01 | Jan 15, 2026 | Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C… | |||
| CVE-2025-14232 | 0.00 | — | 0.01 | Jan 15, 2026 | Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C… | |||
| CVE-2025-14231 | 0.00 | — | 0.01 | Jan 15, 2026 | Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C… | |||
| CVE-2025-2146 | 0.00 | — | 0.01 | May 25, 2025 | Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera… | |||
| CVE-2024-12647 | 0.00 | — | 0.01 | Jan 28, 2025 | Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw… | |||
| CVE-2024-0244 | 0.00 | — | 0.01 | Feb 6, 2024 | Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and… | |||
| CVE-2023-6234 | 0.00 | — | 0.01 | Feb 6, 2024 | Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera… | |||
| CVE-2023-6233 | 0.00 | — | 0.01 | Feb 6, 2024 | Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C… | |||
| CVE-2023-6232 | 0.00 | — | 0.01 | Feb 6, 2024 | Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary… | |||
| CVE-2023-6231 | 0.00 | — | 0.01 | Feb 6, 2024 | Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series… |
- risk 0.64cvss 9.8epss 0.01
Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C…
- risk 0.64cvss 9.8epss 0.05
A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps…
- risk 0.64cvss 9.8epss 0.05
A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the…
- risk 0.64cvss 9.8epss 0.05
A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a…
- risk 0.64cvss 9.8epss 0.05
An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a…
- risk 0.61cvss 9.4epss 0.01
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer…
- risk 0.57cvss —epss 0.00
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API…
- risk 0.57cvss 8.7epss 0.01
A passback vulnerability which relates to office/small office multifunction printers and laser printers.
- risk 0.51cvss 7.8epss 0.00
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a…
- risk 0.49cvss 7.5epss 0.00
Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM.…
- risk 0.44cvss 6.8epss 0.00
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
- risk 0.44cvss 6.7epss 0.00
An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service.
- risk 0.43cvss 6.1epss 0.02
Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.
- risk 0.42cvss 6.5epss 0.00
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
- risk 0.42cvss 6.5epss 0.00
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier
- risk 0.42cvss 6.5epss 0.00
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
- risk 0.40cvss 6.2epss 0.00
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
- risk 0.38cvss 5.9epss 0.00
Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer…
- risk 0.38cvss 5.9epss 0.00
Out-of-bounds read vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer…
- risk 0.34cvss 5.3epss 0.00
Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2…
- risk 0.34cvss 5.3epss 0.01
Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
- risk 0.34cvss 5.3epss 0.01
Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
- risk 0.34cvss 5.3epss 0.01
Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
- risk 0.33cvss 5.0epss 0.00
Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have…
- risk 0.33cvss 5.0epss 0.00
Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not…
- risk 0.30cvss —epss 0.00
Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a malicious user. An attacker could modify the directory, potentially resulting…
- CVE-2006-1185Apr 11, 2006risk 0.09cvss —epss 0.70
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
- CVE-2006-1188Apr 11, 2006risk 0.08cvss —epss 0.57
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
- CVE-2006-1192Apr 11, 2006risk 0.06cvss —epss 0.31
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address…
- CVE-2006-7065Mar 2, 2007risk 0.05cvss —epss 0.20
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
- CVE-2013-4615Jun 21, 2013risk 0.04cvss —epss 0.16
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to…
- CVE-2006-3354Jul 6, 2006risk 0.04cvss —epss 0.17
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.
- CVE-2021-38085Aug 11, 2021risk 0.03cvss —epss 0.01
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of…
- CVE-2019-14339Sep 5, 2019risk 0.03cvss —epss 0.05
The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords…
- CVE-2013-4614Jun 21, 2013risk 0.03cvss —epss 0.03
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of…
- CVE-2021-38154Aug 29, 2021risk 0.01cvss —epss 0.04
Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail…
- CVE-2006-2900Jun 7, 2006risk 0.01cvss —epss 0.13
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those…
- CVE-2005-4827Dec 31, 2005risk 0.01cvss —epss 0.11
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return…
- CVE-2025-14236Jan 15, 2026risk 0.00cvss —epss 0.01
Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series…
- CVE-2025-14234Jan 15, 2026risk 0.00cvss —epss 0.01
Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series…
- CVE-2025-14233Jan 15, 2026risk 0.00cvss —epss 0.01
Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C…
- CVE-2025-14232Jan 15, 2026risk 0.00cvss —epss 0.01
Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C…
- CVE-2025-14231Jan 15, 2026risk 0.00cvss —epss 0.01
Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C…
- CVE-2025-2146May 25, 2025risk 0.00cvss —epss 0.01
Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera…
- CVE-2024-12647Jan 28, 2025risk 0.00cvss —epss 0.01
Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw…
- CVE-2024-0244Feb 6, 2024risk 0.00cvss —epss 0.01
Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and…
- CVE-2023-6234Feb 6, 2024risk 0.00cvss —epss 0.01
Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera…
- CVE-2023-6233Feb 6, 2024risk 0.00cvss —epss 0.01
Buffer overflow in SLP attribute request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C…
- CVE-2023-6232Feb 6, 2024risk 0.00cvss —epss 0.01
Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary…
- CVE-2023-6231Feb 6, 2024risk 0.00cvss —epss 0.01
Buffer overflow in WSD probe request process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*: Satera LBP670C Series/Satera MF750C Series…
Page 1 of 2