Vulnerabilities > Ricoh > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-07 | CVE-2022-37406 | Cross-site Scripting vulnerability in Ricoh Aficio SP 4210N Firmware Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. | 4.8 |
| 2020-08-04 | CVE-2019-20001 | Improper Privilege Management vulnerability in Ricoh Streamline NX Client Tool and Streamline NX PC Client An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges. | 4.6 |
| 2020-03-13 | CVE-2019-14309 | Use of Hard-coded Credentials vulnerability in Ricoh products Ricoh SP C250DN 1.05 devices have a fixed password. | 5.0 |
| 2020-03-13 | CVE-2019-14303 | Unspecified vulnerability in Ricoh products Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). | 5.0 |
| 2020-03-13 | CVE-2019-14299 | Improper Restriction of Excessive Authentication Attempts vulnerability in Ricoh products Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. | 5.0 |
| 2020-01-10 | CVE-2019-14302 | Unspecified vulnerability in Ricoh products On Ricoh SP C250DN 1.06 devices, a debug port can be used. low complexity ricoh | 6.8 |
| 2019-12-31 | CVE-2019-7751 | Path Traversal vulnerability in Ricoh Fusionpro VDP A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. | 5.0 |
| 2019-12-26 | CVE-2019-6021 | Open Redirect vulnerability in Ricoh Limedio Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 5.8 |
| 2019-10-21 | CVE-2019-18203 | Cross-site Scripting vulnerability in Ricoh MP 501 Firmware On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
| 2019-05-14 | CVE-2019-11845 | Cross-site Scripting vulnerability in Ricoh SP 4510Dn Firmware An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | 4.3 |