52 matches found
SUSE-SU-2026:21850-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
Amazon Linux 2023 : cups, cups-client, cups-devel (ALAS2023-2026-1668)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1668 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass...
Fedora 42 : cups (2026-34454fdb74)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-34454fdb74 advisory. 2.4.17 - security fixes for CVE-2026-39316, CVE-2026-39314, CVE-2026-34979, CVE-2026-34990, CVE-2026-27447, CVE-2026-34978 Tenable has extracted the...
CVE-2026-34980 affecting package cups for versions less than 2.4.17-1
CVE-2026-34980 affecting package cups for versions less than 2.4.17-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-34990 affecting package cups for versions less than 2.4.17-1
CVE-2026-34990 affecting package cups for versions less than 2.4.17-1. An upgraded version of the package is available that resolves this issue...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: cups: cups-2.4.17-1.hum1 aarch64, x86_64 cups-client-2.4.17-1.hum1 aarch64, x86_64 cups-devel-2.4.17-1.hum1 aarch64, x86_64 cups-filesystem-2.4.17-1.hum1 noarch cups-ipptool-2.4.17-1.hum1 aarch64,...
Linux Distros Unpatched Vulnerability : CVE-2025-53020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are...
SUSE CVE-2025-53020
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...
AZL-65094 CVE-2025-53020 affecting package httpd for versions less than 2.4.64-1
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...
WordPress plugin Quick License Manager – WooCommerce Plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
PT-2024-17261 · WordPress · Quick License Manager – Woocommerce Plugin
Name of the Vulnerable Software and Affected Versions: Quick License Manager – WooCommerce Plugin plugin for WordPress versions up to, and including, 2.4.17 Description: The issue is related to Reflected Cross-Site Scripting via the submit qlm products parameter due to insufficient input...
PT-2024-22132 · Symfony · Symfony Security Http
Name of the Vulnerable Software and Affected Versions: Sulu versions 2.2.0 through 2.4.16 Sulu versions 2.5.0 through 2.5.12 Description: The issue concerns a PHP content management system where access to pages is granted regardless of role permissions for webspaces with a security system...
haproxy security update
2.4.17-3.2 - Reject empty http header field names CVE-2023-25725, 2174174 2.4.17-3.1 - Refuse interim responses with end-stream flag set CVE-2023-0056, 2174172...
CVE-2022-3385
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution...
Stack overflow
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution...
Stack overflow
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can remotely overflow the stack buffer and enable remote code execution...
Advantech R-SeeNet buffer error vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech China. The software is based on the SNMP protocol for monitoring platforms and is available for Linux and Windows platforms. Advantech R-SeeNet 2.4.17 and previous versions are vulnerable to a stack buffer overflow vulnerabilit...
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...
ALPINE-CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...
CVE-2021-33193 Request splitting via HTTP/2 method injection and mod_proxy
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...