CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4046 – Missing Authorization in Lexmark Cloud Services badge management
https://notcve.org/view.php?id=CVE-2025-4046
19 Aug 2025 — A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-862: Missing Authorization •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4044 – XML External Entity Injection vulnerability in various Lexmark Universal Drivers
https://notcve.org/view.php?id=CVE-2025-4044
19 Aug 2025 — Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information to an arbitrary URL. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1126 – Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC).
https://notcve.org/view.php?id=CVE-2025-1126
11 Feb 2025 — A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50733 – A Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50733
21 Jan 2025 — A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Web Services feature of newer Lexmark devices. A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Web Services feature of newer Lexmark devices. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-20: Improper Input Validation CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-50738 – A firmware downgrade prevention vulnerability has been identified in newer Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50738
31 May 2024 — A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A method to override this downgrade protection has been identified. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the `/usr/bin/hydra` service, which listens on TCP port 9100 by default. The issue results from the lack of proper validatio... • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-354: Improper Validation of Integrity Check Value CWE-1328: Security Version Number Mutable to Older Versions •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50739 – A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50739
26 Apr 2024 — A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPP server, which listens on TCP port 631 by default. The issue results from the ... • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50734 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50734
31 Jan 2024 — A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de desbordamiento del búfer en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331ad... • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50735 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50735
31 Jan 2024 — A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de corrupción del montón en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-465: Pointer Issues •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50736 – A vulnerability has been identified in the PostScript interpreter in various Lexmark devices.
https://notcve.org/view.php?id=CVE-2023-50736
31 Jan 2024 — A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. Se ha identificado una vulnerabilidad de corrupción de memoria en el intérprete PostScript de varios dispositivos Lexmark. Un atacante puede aprovechar la vulnerabilidad para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adw... • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50737 – An input validation vulnerability in the SE Menu allows an attacker to execute arbitrary code.
https://notcve.org/view.php?id=CVE-2023-50737
31 Jan 2024 — The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in one of the SE menu routines can be leveraged by an attacker to execute arbitrary code. El menú SE contiene información utilizada por Lexmark para diagnosticar errores del dispositivo. Un atacante puede aprovechar una vulnerabilidad en una de las rutinas del menú SE para ejecutar código arbitrario. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX... • https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html • CWE-20: Improper Input Validation •