Vulnerabilities > Ricoh

DATE CVE VULNERABILITY TITLE RISK
2023-06-19 CVE-2023-30759 Insufficient Verification of Data Authenticity vulnerability in Ricoh Printer Driver Packager NX
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege.
local
low complexity
ricoh CWE-345
7.8
2023-02-16 CVE-2022-43969 Unspecified vulnerability in Ricoh products
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.
network
low complexity
ricoh
critical
9.1
2022-12-07 CVE-2022-37406 Cross-site Scripting vulnerability in Ricoh Aficio SP 4210N Firmware
Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
network
low complexity
ricoh CWE-79
4.8
2022-02-15 CVE-2021-33945 Out-of-bounds Write vulnerability in Ricoh products
RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf.
network
low complexity
ricoh CWE-787
7.5
2020-08-04 CVE-2019-20001 Improper Privilege Management vulnerability in Ricoh Streamline NX Client Tool and Streamline NX PC Client
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.
local
low complexity
ricoh CWE-269
4.6
2020-03-13 CVE-2019-14310 Out-of-bounds Write vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3).
network
low complexity
ricoh CWE-787
critical
10.0
2020-03-13 CVE-2019-14309 Use of Hard-coded Credentials vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices have a fixed password.
network
low complexity
ricoh CWE-798
5.0
2020-03-13 CVE-2019-14303 Unspecified vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3).
network
low complexity
ricoh
5.0
2020-03-13 CVE-2019-14299 Improper Restriction of Excessive Authentication Attempts vulnerability in Ricoh products
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks.
network
low complexity
ricoh CWE-307
5.0
2020-01-24 CVE-2019-19363 Incorrect Permission Assignment for Critical Resource vulnerability in Ricoh products
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation.
local
low complexity
ricoh CWE-732
7.8