Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Xerox Subscribe
Total 106 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11061 1 Xerox 50 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 47 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.
CVE-2013-6362 1 Xerox 24 Colorqube 9201, Colorqube 9201 Firmware, Colorqube 9202 and 21 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
CVE-2024-47559 1 Xerox 1 Freeflow Core 2024-10-16 N/A 8.8 HIGH
Authenticated RCE via Path Traversal
CVE-2024-47558 1 Xerox 1 Freeflow Core 2024-10-16 N/A 8.8 HIGH
Authenticated RCE via Path Traversal
CVE-2024-47556 1 Xerox 1 Freeflow Core 2024-10-16 N/A 9.8 CRITICAL
Pre-Auth RCE via Path Traversal
CVE-2024-47557 1 Xerox 1 Freeflow Core 2024-10-16 N/A 9.8 CRITICAL
Pre-Auth RCE via Path Traversal