Filtered by vendor Ricoh
Subscribe
Search
Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11844 | 1 Ricoh | 2 Sp 4520dn, Sp 4520dn Firmware | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter. | |||||
| CVE-2019-14302 | 1 Ricoh | 121 M 2700, M 2700 Firmware, M 2701 and 118 more | 2020-08-24 | 7.2 HIGH | 6.8 MEDIUM |
| On Ricoh SP C250DN 1.06 devices, a debug port can be used. | |||||
| CVE-2019-11845 | 1 Ricoh | 2 Sp 4510dn, Sp 4510dn Firmware | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | |||||
| CVE-2019-6021 | 1 Ricoh | 1 Limedio | 2020-01-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | |||||
| CVE-2019-18203 | 1 Ricoh | 2 Mp 501, Mp 501 Firmware | 2019-10-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-16187 | 1 Ricoh | 16 D2200, D2200 Firmware, D5500 and 13 more | 2019-02-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication. | |||||
| CVE-2018-17312 | 1 Ricoh | 2 Aficio Mp 301spf, Aficio Mp 301spf Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17310 | 1 Ricoh | 2 Mp C1803 Jpn, Mp C1803 Jpn Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17314 | 1 Ricoh | 2 Mp 305\+, Mp 305\+ Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17311 | 1 Ricoh | 2 Mp C6503, Mp C6503 Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17313 | 1 Ricoh | 2 Mp C307, Mp C307 Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17316 | 1 Ricoh | 2 Mp C6003, Mp C6003 Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17309 | 1 Ricoh | 2 Mp C406z, Mp C406zspf Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17315 | 1 Ricoh | 2 Mp C2003, Mp C2003sp Firmware | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17002 | 1 Ricoh | 2 Mp 2001sp, Mp 2001sp Firmware | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17001 | 1 Ricoh | 2 Sp 4510sf, Sp 4510sf Firmware | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||