High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-11	CVE-2023-0857	Unspecified vulnerability in Canon products Unintentional change of settings during initial registration of system administrators which uses control protocols. network low complexity canon	7.5
2023-03-29	CVE-2022-43608	Integer Overflow or Wraparound vulnerability in Canon Mf644Cdw Firmware 10.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. low complexity canon CWE-190	8.8
2023-03-28	CVE-2022-24672	Out-of-bounds Write vulnerability in Canon products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. low complexity canon CWE-787	8.8
2023-03-28	CVE-2022-24674	Out-of-bounds Write vulnerability in Canon products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. low complexity canon CWE-787	8.8
2022-04-25	CVE-2022-26111	Expression Language Injection vulnerability in Canon Irisnext 9.8.28 The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. network low complexity canon CWE-917	8.8
2021-12-06	CVE-2021-43471	Weak Password Requirements vulnerability in Canon Lbp223Dw Firmware In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. network low complexity canon CWE-521	7.5
2021-08-29	CVE-2021-38154	Incorrect Permission Assignment for Critical Resource vulnerability in Canon - Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. network low complexity canon CWE-732	7.5
2021-08-11	CVE-2021-38085	Incorrect Permission Assignment for Critical Resource vulnerability in Canon Pixma Tr150 Firmware 3.71.2.10 The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. local low complexity canon CWE-732	7.8
2020-11-30	CVE-2020-16849	Unspecified vulnerability in Canon products An issue was discovered on Canon MF237w 06.07 devices. network low complexity canon	7.5
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5