Vulnerabilities > Ricoh

DATE CVE VULNERABILITY TITLE RISK
2020-01-24 CVE-2019-19363 Incorrect Permission Assignment for Critical Resource vulnerability in Ricoh products
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation.
local
low complexity
ricoh CWE-732
7.8
2020-01-10 CVE-2019-14306 Unspecified vulnerability in Ricoh products
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).
network
low complexity
ricoh
7.5
2020-01-10 CVE-2019-14304 Cross-Site Request Forgery (CSRF) vulnerability in Ricoh products
Ricoh SP C250DN 1.06 devices allow CSRF.
network
low complexity
ricoh CWE-352
8.8
2020-01-10 CVE-2019-14302 Unspecified vulnerability in Ricoh products
On Ricoh SP C250DN 1.06 devices, a debug port can be used.
low complexity
ricoh
6.8
2020-01-10 CVE-2019-14301 Information Exposure vulnerability in Ricoh products
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).
network
low complexity
ricoh CWE-200
7.5
2019-12-31 CVE-2019-7751 Path Traversal vulnerability in Ricoh Fusionpro VDP
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files.
network
low complexity
ricoh CWE-22
7.5
2019-12-26 CVE-2019-6021 Open Redirect vulnerability in Ricoh Limedio
Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.
network
low complexity
ricoh CWE-601
6.1
2019-10-21 CVE-2019-18203 Cross-site Scripting vulnerability in Ricoh MP 501 Firmware
On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
network
low complexity
ricoh CWE-79
6.1
2019-08-26 CVE-2019-14307 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ricoh products
Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server.
network
low complexity
ricoh CWE-119
critical
9.8
2019-08-26 CVE-2019-14305 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ricoh products
Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server.
network
low complexity
ricoh CWE-119
critical
9.8