Vulnerabilities > Xerox
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-18 | CVE-2019-19832 | Cross-Site Request Forgery (CSRF) vulnerability in Xerox Altalink C8035 Firmware Xerox AltaLink C8035 printers allow CSRF. | 6.8 |
2019-10-04 | CVE-2019-17184 | Unspecified vulnerability in Xerox Atlalink Firmware Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges. | 7.5 |
2019-05-13 | CVE-2018-15530 | Cross-site Scripting vulnerability in Xerox Colorqube 8580 Firmware Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code. | 4.3 |
2019-04-12 | CVE-2019-10880 | OS Command Injection vulnerability in Xerox products Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). | 10.0 |
2019-02-10 | CVE-2018-20771 | Improper Input Validation vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 7.5 |
2019-02-10 | CVE-2018-20770 | SQL Injection vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 7.5 |
2019-02-10 | CVE-2018-20769 | Path Traversal vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 5.0 |
2019-02-10 | CVE-2018-20768 | Code Injection vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 7.5 |
2019-02-10 | CVE-2018-20767 | Improper Input Validation vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 6.5 |
2019-01-03 | CVE-2018-17172 | Command Injection vulnerability in Xerox products The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection. | 7.5 |