Lexmark C748
20 CVEs affecting Lexmark C748. Latest disclosed: 2023-04-10. Critical: 11, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-26070 | Critical | 9.8 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4 of 4). |
CVE-2023-26066 | Critical | 9.8 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have Improper Validation of an Array Index. |
CVE-2023-26065 | Critical | 9.8 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have an Integer Overflow. |
CVE-2023-26064 | Critical | 9.8 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write. |
CVE-2023-26063 | Critical | 9.8 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 access a Resource By Using an Incompatible Type. |
CVE-2021-44734 | Critical | 9.8 | 2022-01-20 | Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. |
CVE-2021-44738 | Critical | 9.8 | 2022-01-20 | Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. |
CVE-2019-9933 | Critical | 9.8 | 2019-08-28 | Various Lexmark products have a Buffer Overflow (issue 3 of 3). |
CVE-2019-9932 | Critical | 9.8 | 2019-08-28 | Various Lexmark products have a Buffer Overflow (issue 2 of 3). |
CVE-2019-9930 | Critical | 9.8 | 2019-08-28 | Various Lexmark products have an Integer Overflow. |
CVE-2019-10058 | Critical | 9.1 | 2019-08-28 | Various Lexmark products have Incorrect Access Control. |
CVE-2021-44737 | High | 8.8 | 2022-01-20 | PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. |
CVE-2018-18894 | High | 7.5 | 2020-03-10 | Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server. |
CVE-2019-9931 | High | 7.5 | 2019-08-28 | Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. |
CVE-2020-10094 | Medium | 5.4 | 2020-04-28 | A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2… |
CVE-2020-10093 | Medium | 5.4 | 2020-04-28 | A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series inkjet and other discontinued products. |
CVE-2019-19773 | Medium | 5.4 | 2020-03-06 | Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support… |
CVE-2019-19772 | Medium | 5.4 | 2020-03-06 | Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://supp… |
CVE-2019-18791 | Medium | 5.4 | 2020-02-13 | Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploi… |
CVE-2019-10059 | Medium | 5.3 | 2019-08-28 | The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices. |