VYPR

Vendor CVEs

Xerox

All CVEs

119 total · sorted by risk
  • CVE-2006-0827Feb 21, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

  • CVE-2006-0828Feb 21, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to "reduce effectiveness of security features" via unknown attack vectors.

  • CVE-2006-0825Feb 21, 2006
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allow remote attackers to bypass authentication or gain "unauthorized network access" via…

  • CVE-2006-0826Feb 21, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request.

  • CVE-2005-2645Aug 23, 2005
    risk 0.00cvss epss 0.03

    Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to bypass authentication.

  • CVE-2005-2646Aug 23, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests.

  • CVE-2005-2647Aug 23, 2005
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.

  • CVE-2005-2200Jul 11, 2005
    risk 0.00cvss epss 0.02

    Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication.

  • CVE-2005-2201Jul 11, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to cause a denial of service or access files via crafted HTTP requests.

  • CVE-2005-2202Jul 11, 2005
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

  • CVE-2005-1936Jun 13, 2005
    risk 0.00cvss epss 0.01

    Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access."

  • CVE-2005-1179May 2, 2005
    risk 0.00cvss epss 0.01

    Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and…

  • CVE-2005-0703Mar 7, 2005
    risk 0.00cvss epss 0.01

    Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an…

  • CVE-2002-1835Dec 31, 2002
    risk 0.00cvss epss 0.02

    The default configuration of Xerox DocuTech 6110 and DocuTech 6115 running Solaris 8.0 has a large number of unnecessary services enabled such as RPC and sprayd, which could allow remote attackers to obtain access to the device.

  • CVE-2002-1836Dec 31, 2002
    risk 0.00cvss epss 0.01

    The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.

  • CVE-2002-1833Dec 31, 2002
    risk 0.00cvss epss 0.02

    The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges.

  • CVE-2002-1834Dec 31, 2002
    risk 0.00cvss epss 0.01

    The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history.

  • CVE-2001-1134Aug 9, 2001
    risk 0.00cvss epss 0.02

    Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm.

  • CVE-1999-1343Oct 13, 1999
    risk 0.00cvss epss 0.01

    HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.

Page 3 of 3