SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups-filters (SUSE-SU-2026:1948-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1948-1 advisory. This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printe...

Security update for cups-filters

This update for cups-filters fixes the following issues error about PPD file during 'driverless' printer setup bsc1256868. ppd pull out from driverless printer feature broken bsc1256977. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2026:1948-1 Security update for cups-filters

This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printer setup bsc1256868. - ppd pull out from driverless printer feature broken bsc1256977...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2025-15275

FontForge SFD File Parsing Heap-based Buffer Overflow (CVE-2025-15275) affects FontForge and enables remote code execution. The flaw occurs in the SFD parser, where the length of user-supplied data is not properly validated before copying to a heap-based buffer, allowing an attacker to run arbitr...

Malicious code in keyla-poke80 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fead89eccdb880a74be8f3053b394cc603dcbb494fb0f25618a04adbdf861b9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in okta-rojak76-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d9f45f45f49406f06fe02b9fa5151af604f5befab23d69271e29fde388fcd6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-78626 Malicious code in hadianto-bakso50-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 818075c7e9e1969c46e977fbc980910cff86501bb5a42b7c88266f4100b2c49b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in additional-red-crayfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cedec46ce37ac2717592c0826c48e2ecdbef71ad22fadb60b6008ced07774fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-12327

A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This issue affects some unknown processing of the file /description.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been public...

CVE-2025-12327 shawon100 RUET OJ description.php sql injection

A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This issue affects some unknown processing of the file /description.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been public...

EUVD-2007-5742

Malware in sbrugna...

EUVD-2000-0797

Malware in sbrugna...

Security update for cups-filters

This update for cups-filters fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. Patch Instructions: To install this SUSE upda...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

USN-7044-1 libcupsfilters vulnerability

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

PT-2024-6441

Name of the Vulnerable Software and Affected Versions CUPS versions 2.x cups-filters versions up to 2.0.1 Description The issue is related to the FoomaticRIPCommandLine function in the CUPS printing system, which allows remote command execution via a PPD file. This can be exploited when combined...

CVE-2024-3002

A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

PT-2024-23180 · Unknown · Code-Projects Online Book System

Name of the Vulnerable Software and Affected Versions: code-projects Online Book System version 1.0 Description: A critical issue was found in the code-projects Online Book System, affecting an unknown function of the file /description.php. The manipulation of the ID argument leads to SQL...