Vulnerabilities > Xerox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-07 | CVE-2024-47558 | Path Traversal vulnerability in Xerox Freeflow Core 7.0 Authenticated RCE via Path Traversal | 8.8 |
| 2024-10-07 | CVE-2024-47559 | Path Traversal vulnerability in Xerox Freeflow Core 7.0 Authenticated RCE via Path Traversal | 8.8 |
| 2022-04-04 | CVE-2022-26572 | Unspecified vulnerability in Xerox Colorqube 8580 Firmware Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to print, view the status, and obtain sensitive information. | 7.5 |
| 2022-02-07 | CVE-2022-23320 | Improper Authentication vulnerability in Xerox Xmpie Ustore 12.3.7244.0 XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. | 7.5 |
| 2022-01-26 | CVE-2022-23968 | Infinite Loop vulnerability in Xerox Versalink Firmware Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. | 7.5 |
| 2021-03-29 | CVE-2021-28669 | Missing Authorization vulnerability in Xerox products Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to set configuration attributes without administrative rights. | 7.5 |
| 2021-03-04 | CVE-2019-18630 | Cleartext Storage of Sensitive Information vulnerability in Xerox products On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure. | 7.5 |
| 2021-03-04 | CVE-2019-18629 | Unspecified vulnerability in Xerox products Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. | 8.1 |
| 2021-01-26 | CVE-2020-36201 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xerox products An issue was discovered in certain Xerox WorkCentre products. | 7.5 |
| 2020-03-13 | CVE-2019-13166 | Improper Restriction of Excessive Authentication Attempts vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. | 7.5 |