Vulnerabilities > Canon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-11 | CVE-2023-0852 | Out-of-bounds Write vulnerability in Canon products Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. | 9.8 |
| 2023-05-11 | CVE-2023-0853 | Out-of-bounds Write vulnerability in Canon products Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. | 9.8 |
| 2023-05-11 | CVE-2023-0854 | Out-of-bounds Write vulnerability in Canon products Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. | 9.8 |
| 2023-05-11 | CVE-2023-0855 | Out-of-bounds Write vulnerability in Canon products Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. | 9.8 |
| 2023-05-11 | CVE-2023-0856 | Out-of-bounds Write vulnerability in Canon products Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. | 9.8 |
| 2023-05-11 | CVE-2023-0857 | Unspecified vulnerability in Canon products Unintentional change of settings during initial registration of system administrators which uses control protocols. | 7.5 |
| 2023-05-11 | CVE-2023-0858 | Improper Authentication vulnerability in Canon products Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. | 5.3 |
| 2023-05-11 | CVE-2023-0859 | Unspecified vulnerability in Canon products Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). | 5.3 |
| 2022-12-09 | CVE-2022-38765 | Authorization Bypass Through User-Controlled Key vulnerability in Canon Vitrea View Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. | 6.5 |
| 2022-09-30 | CVE-2022-37461 | Cross-site Scripting vulnerability in Canon Medical Vitrea View Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. | 6.1 |