MiracleLinux 7 : cups-1.6.3-51.el7 (AXSA:2020-557:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-557:05 advisory. cups: DNS rebinding attacks via incorrect whitelist CVE-2017-18190 cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 cups:...

CVE-2018-18190

An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMFScaledData in GPMFparser.c...

CVE-2019-18190

creationtimestamp| type| source ---|---|--- 2024-03-09 09:36:30+00:00| seen| https://t.me/ctinow/203857...

SUSE: Security Advisory (SUSE-SU-2018:0604-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : cups on SL7.x x86_64 (20201001)

Security Fixes : - cups: DNS rebinding attacks via incorrect whitelist CVE-2017-18190 - cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 - cups: stack-buffer-overflow in libcups's asn1getpacked function CVE-2019-8696 C Tenable Network Security, Inc. The descriptive text...

cups security update

CentOS Errata and Security Advisory CESA-2020:3864 An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Oracle Linux 7 : cups (ELSA-2020-3864)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3864 advisory. - 1823758 - CVE-2017-18190 cups: DNS rebinding attacks via incorrect whitelist rhel-7 - 1774460 - CVE-2019-8696 cups: stack-buffer-overflow in libcupss...

CVE-2020-18190

Bludit v3.8.1 is affected by a directory traversal vulnerability in the upload-profile-picture endpoint (/admin/ajax/upload-profile-picture). The flaw allows remote attackers to delete arbitrary files on the server. This is a path traversal issue in the upload handling, enabling statements about ...

CVE-2020-18190

Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2018-1079)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2018-1080)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-18190

Trend Micro Security Consumer 2020 v16.x is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain circumstances...

CVE-2019-18190

Trend Micro Security (Consumer) 2020 (v16.x) is affected by a null pointer dereference vulnerability that can crash the application and potentially allow unsigned code execution under certain circumstances. The connected documents describe the issue as a null pointer dereference without detailing...

CVE-2018-18190

CVE-2018-18190 affects GoPro gpmf-parser before 1.2.1. The issue is a divide-by-zero in the function GPMF_ScaledData within GPMF_parser.c that can cause a crash. Affected component is the GPMF data parser used by GoPro cameras. Public references indicate the vulnerability exists in versions prior...

Debian: Security Advisory (DLA-1412-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1412-1] cups security update

Package : cups Version : 1.7.5-11+deb8u3 CVE ID : CVE-2017-18190 CVE-2017-18248 Two vulnerabilities affecting the cups printing server were found which can lead to arbitrary IPP command execution and denial of service. CVE-2017-18190 A localhost.localdomain whitelist entry in validhost in...

EulerOS 2.0 SP2 : cups (EulerOS-SA-2018-1080)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CUPS printing system provides a portable printing layer for UNIXAr operating systems. It has been developed by Apple Inc.to promote a standard...

openSUSE: Security Advisory for cups (openSUSE-SU-2018:0618-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2018:0604-1 Security update for cups

This update for cups fixes the following issues: - CVE-2017-18190: Removed localhost.localdomain from list of trustworthy hosts in scheduler/client.c to avoid arbitrary IPP command execution in conjunction with DNS rebinding. bsc1081557...

Updated cups packages fix security vulnerability

Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could...