Vulnerabilities > Ricoh

DATE CVE VULNERABILITY TITLE RISK
2023-06-19 CVE-2023-30759 Insufficient Verification of Data Authenticity vulnerability in Ricoh Printer Driver Packager NX 1.0.02/1.1.25
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege.
local
low complexity
ricoh CWE-345
7.8
2023-02-16 CVE-2022-43969 Unspecified vulnerability in Ricoh products
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.
network
low complexity
ricoh
critical
9.1
2022-12-07 CVE-2022-37406 Cross-site Scripting vulnerability in Ricoh Aficio SP 4210N Firmware
Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
network
low complexity
ricoh CWE-79
4.8
2022-09-08 CVE-2022-36403 Untrusted Search Path vulnerability in Ricoh Device Software Manager
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20.3.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ricoh CWE-426
7.8
2022-02-15 CVE-2021-33945 Out-of-bounds Write vulnerability in Ricoh products
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf.
network
low complexity
ricoh CWE-787
critical
9.8
2020-08-04 CVE-2019-20001 Unspecified vulnerability in Ricoh Streamline NX Client Tool and Streamline NX PC Client
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.
local
low complexity
ricoh
7.8
2020-03-13 CVE-2019-14310 Out-of-bounds Write vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3).
network
low complexity
ricoh CWE-787
critical
9.8
2020-03-13 CVE-2019-14309 Use of Hard-coded Credentials vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices have a fixed password.
network
low complexity
ricoh CWE-798
7.5
2020-03-13 CVE-2019-14303 Unspecified vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3).
network
low complexity
ricoh
7.5
2020-03-13 CVE-2019-14299 Improper Restriction of Excessive Authentication Attempts vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks.
network
low complexity
ricoh CWE-307
critical
9.8