Skip to main content

J3p65a Firmware

5 CVEs product

Monthly

CVE-2026-1997 MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP J3p68a Firmware J6x78a Firmware T0g56a Firmware +38
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2022-28722 CRITICAL Act Now

Certain HP Print Products are potentially vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Buffer Overflow P4C78A Firmware P4C85A Firmware T3P03A Firmware +96
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-28721 CRITICAL Act Now

Certain HP Print Products are potentially vulnerable to Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP RCE M2U86A Firmware M2U86B Firmware M2U86C Firmware +297
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-10627 CRITICAL Act Now

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ips D9l63a Firmware D9l64a Firmware T0g70a Firmware +38
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-6337 MEDIUM This Month

For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

HP Information Disclosure D9l63a Firmware D9l64a Firmware T0g70a Firmware +38
NVD
CVSS 3.1
5.2
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP J3p68a Firmware +40
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain HP Print Products are potentially vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Buffer Overflow P4C78A Firmware +98
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain HP Print Products are potentially vulnerable to Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP RCE M2U86A Firmware +299
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ips D9l63a Firmware +40
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

HP Information Disclosure D9l63a Firmware +40
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy