xerox vulnerabilities and exploits
5
CVSSv2
CVE-1999-1343
HTTP server for Xerox DocuColor 4 LP allows remote malicious users to cause a denial of service (hang) via a long URL that contains a large number of . characters.
Xerox Docucolor 4lp
4.3
CVSSv2
CVE-2008-3121
Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) prior to 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Xerox Centreware Web
6.5
CVSSv2
CVE-2008-3122
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) prior to 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Xerox Centreware Web
NA
CVE-2022-45897
On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.
Xerox Workcentre 3550 Firmware 25.003.03.000
5
CVSSv2
CVE-2019-13166
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks.
Xerox Phaser 3320 Firmware V53.006.16.000
4.3
CVSSv2
CVE-2019-13167
Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwa...
Xerox Phaser 3320 Firmware V53.006.16.000
10
CVSSv2
CVE-2019-13169
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow a malicious user to execute arbitrary code on the device.
Xerox Phaser 3320 Firmware V53.006.16.000
4.3
CVSSv2
CVE-2019-13170
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.
Xerox Phaser 3320 Firmware V53.006.16.000
10
CVSSv2
CVE-2019-13171
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated malicious user to execute arbitrary code on the device. This was caus...
Xerox Phaser 3320 Firmware V53.006.16.000
5
CVSSv2
CVE-2022-23320
XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. Since the application ships with default administrative credentials, an attacker may authenticate into the application and exfiltrate sensitive information from the database.
Xerox Xmpie Ustore 12.3.7244.0