Exploit for Binding to an Unrestricted IP Address in Openprinting Cups-Browsed

No d...

CVE-2026-6892

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...

CVE-2026-6892

The CVE-2026-6892 entry concerns improper handling of symbolic links in the macOS installer for Canon CUPS Printer Driver (affecting Canon PIXUS iX6800 Series and MG2500 Series). The underlying issue is symbolic-links manipulation during installation, which could allow a local user with login pri...

CVE-2026-6892

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...

Canon CUPS Printer Driver 安全漏洞

The Canon CUPS Printer Driver is a printer driver suite developed by the Japanese company Canon. Versions of the Canon CUPS Printer Driver 16.91.0.0 and earlier contained security vulnerabilities. These vulnerabilities were due to improper handling of symbolic links in the installation process,...

openSUSE 16 Security Update : cups (openSUSE-SU-2026:20812-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20812-1 advisory. This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. -...

PT-2026-44709

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...

Security update for cups (important)

openSUSE security update: security update for cups ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20812-1 Rating: important References: bsc1261568 bsc1261569 bsc1261570 bsc1261571 bsc1261572 bsc1261742 bsc1261743 bsc1263116 Cross-References:...

SUSE-SU-2026:21836-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

SUSE-SU-2026:21850-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

OPENSUSE-SU-2026:20812-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

Unauthenticated Remote Code Execution

Description Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. This leads to a remote code execution vulnerability. Print servers configured with "printing...

CLSA-2026-1779436377 cups: Fix of CVE-2026-27447

CVE-2026-27447: fix authorization bypass in cupsd by replacing case-insensitive username comparisons with byte-exact strcmp against pw-pwname; also include upstream follow-up commit 849fba7d "Fix unauthenticated print policies", Issue 1557 to restore behavior for CUPSDAUTHNONE policies with named...

Astra Linux - уязвимость в cups-filters

“Cups-filters” contains backends, filters, and other software necessary to enable the “cups printing service” on operating systems other than macOS. In versions 2.0.1 and earlier, a heap-buffer-overflow vulnerability in the “rastertopclx” filter caused the program to crash with a segmentation fau...

Astra Linux - уязвимость в cups

OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a Denial-of-Service DoS attack. This vulnerability was present in the formatlogline function. Exploitation of this...

Astra Linux - уязвимость в cups

CUPS is a standards-based, open-source printing system, and libppd can be used for supporting legacy PPD files. The ppdCreatePPDFromIPP2 function in libppd does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5,...

Astra Linux - уязвимость в cups-filters

CUPS is a standards-based, open-source printing system. libcupsfilters contains the code for the filters from the former cups-filters package, as library functions used for data format conversion tasks in Printer Applications. In CUPS-Filters versions up to and including 1.28.17, and...

Astra Linux - уязвимость в cups-filters

“cups-filters” contains backends, filters, and other software required to make the cups printing service work on operating systems other than macOS. If you use the Backend Error Handler beh to create an accessible network printer, this security vulnerability can lead to remote code execution. The...

Astra Linux - уязвимость в cups-filters

“cups-filters” contains backends, filters, and other software required to make the cups printing service work on operating systems other than macOS. In “cups-filters” before version 1.28.18, an attacker could create a PDF file with a high value for “MediaBox”, causing the “pdftoraster” tool in...

Astra Linux - уязвимость в cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization attack and improper validation of printer attributes could lead to a null dereference in the libcups library. This is a remote DoS...