Filtered by vendor Ricoh
Subscriptions
Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-6750 | 1 Ricoh | 1 Dl-1 Sr10 | 2024-09-16 | N/A |
Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command. | ||||
CVE-2012-5002 | 1 Ricoh | 2 Dl-10, Sr10 Ftp Server | 2024-08-06 | N/A |
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command. | ||||
CVE-2018-18006 | 1 Ricoh | 1 Myprint | 2024-08-05 | N/A |
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files. | ||||
CVE-2018-17313 | 1 Ricoh | 2 Mp C307, Mp C307 Firmware | 2024-08-05 | N/A |
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17310 | 1 Ricoh | 2 Mp C1803 Jpn, Mp C1803 Jpn Firmware | 2024-08-05 | N/A |
On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17311 | 1 Ricoh | 2 Mp C6503, Mp C6503 Firmware | 2024-08-05 | N/A |
On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17312 | 1 Ricoh | 2 Aficio Mp 301spf, Aficio Mp 301spf Firmware | 2024-08-05 | N/A |
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17309 | 1 Ricoh | 2 Mp C406z, Mp C406zspf Firmware | 2024-08-05 | N/A |
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17316 | 1 Ricoh | 2 Mp C6003, Mp C6003 Firmware | 2024-08-05 | N/A |
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17314 | 1 Ricoh | 2 Mp 305\+, Mp 305\+ Firmware | 2024-08-05 | N/A |
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17315 | 1 Ricoh | 2 Mp C2003, Mp C2003sp Firmware | 2024-08-05 | N/A |
On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17002 | 1 Ricoh | 2 Mp 2001sp, Mp 2001sp Firmware | 2024-08-05 | N/A |
On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-17001 | 1 Ricoh | 2 Sp 4510sf, Sp 4510sf Firmware | 2024-08-05 | N/A |
On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | ||||
CVE-2018-16186 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2024-08-05 | N/A |
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) uses hard-coded credentials, which may allow an attacker on the same network segments to login to the administrators settings screen and change the configuration. | ||||
CVE-2018-16187 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2024-08-05 | N/A |
The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication. | ||||
CVE-2018-16188 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2024-08-05 | N/A |
SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2018-16185 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2024-08-05 | N/A |
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute a malicious program. | ||||
CVE-2018-16184 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2024-08-05 | N/A |
RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors. | ||||
CVE-2018-15884 | 1 Ricoh | 2 Mp C4504ex, Mp C4504ex Firmware | 2024-08-05 | N/A |
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | ||||
CVE-2019-20001 | 1 Ricoh | 2 Streamline Nx Client Tool, Streamline Nx Pc Client | 2024-08-05 | 7.8 High |
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges. |