Lucene search
+L

40 matches found

bdu_fstec
bdu_fstec
added 2026/04/20 12:0 a.m.5 views

The vulnerability of the cupsd server daemon in the CUPS printing system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the cupsd server daemon in the CUPS printing system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.6CVSS6AI score0.00317EPSS
Exploits1References6Affected Software5
redhat
redhat
added 2026/04/17 5:4 p.m.2 views

cups: CUPS: Denial of Service via integer underflow in IPP attribute handling

A flaw was found in CUPS, an open-source printing system. An unprivileged local user can exploit an integer underflow vulnerability by providing a negative job-password-supported Internet Printing Protocol IPP attribute. This manipulation causes the cupsd root process to crash, which can be...

6.2CVSS6AI score0.00154EPSS
Exploits1References5
osv
osv
added 2026/04/07 5:0 p.m.3 views

CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...

4CVSS6.3AI score0.00178EPSS
Exploits1References3
nessus
nessus
added 2026/04/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-39316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerabilit...

6.2CVSS5.7AI score0.00178EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/04/05 12:0 a.m.6 views

PT-2026-30925

Name of the Vulnerable Software and Affected Versions OpenPrinting CUPS versions 2.4.16 and prior Description OpenPrinting CUPS is a printing system for Linux and Unix-like systems. A use-after-free issue exists in the CUPS scheduler cupsd when temporary printers are automatically removed. The...

7.8CVSS5.8AI score0.00502EPSS
Exploits6References65
alpinelinux
alpinelinux
added 2026/04/03 9:11 p.m.4 views

CVE-2026-27447

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an...

6.3CVSS5.7AI score0.00317EPSS
Exploits1References2
cve
cve
added 2026/04/03 9:11 p.m.48 views

CVE-2026-27447

OpenPrinting CUPS (cupsd) contains an authorization bypass in versions 2.4.16 and earlier due to case-insensitive username comparison during authorization checks. This allows an unprivileged user to access restricted operations by using a username that differs only in case from an authorized user...

6.3CVSS5.9AI score0.00317EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/01/28 10:57 a.m.9 views

CLSA-2026-1769597819 Fix CVE(s): CVE-2025-58436

SECURITY UPDATE: cupsd DoS via slow client connections - debian/patches/CVE-2025-58436.patch: implement non-blocking I/O and connection timeouts to prevent slow clients from blocking cupsd. - CVE-2025-58436...

5.5CVSS6AI score0.00195EPSS
Exploits1References1
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : cups-2.3.3op2-21.el9 (AXSA:2023-6748:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6748:11 advisory. cups: heap buffer overflow may lead to DoS CVE-2023-32324 cups: use-after-free in cupsdAcceptClient in scheduler/client.c CVE-2023-34241 Tenable has...

7.5CVSS7.3AI score0.01473EPSS
Exploits2References3
osv
osv
added 2026/01/13 10:32 a.m.9 views

CLSA-2026-1768300368 Fix CVE(s): CVE-2025-58436

SECURITY UPDATE: fix DoS by a client that connect to cupsd sends slow messages. - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client. - CVE-2025-58436. Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring...

5.5CVSS5.8AI score0.00195EPSS
Exploits1References1
redhat
redhat
added 2026/01/12 2:47 p.m.5 views

cups: Slow client communication leads to a possible DoS attack

A flaw was found in cups. A client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients...

5.5CVSS5.7AI score0.00195EPSS
Exploits1References4
nvd
nvd
added 2025/11/29 3:15 a.m.6 views

CVE-2025-58436

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue...

5.5CVSS0.00195EPSS
Exploits1References4
fedora
fedora
added 2024/09/28 1:28 a.m.21 views

[SECURITY] Fedora 40 Update: libcupsfilters-2.1~b1-3.fc40

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

8.6CVSS7AI score0.76959EPSS
Exploits17
fedora
fedora
added 2024/09/28 1:20 a.m.18 views

[SECURITY] Fedora 39 Update: libcupsfilters-2.1~b1-3.fc39

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

8.6CVSS7AI score0.76959EPSS
Exploits17
fedora
fedora
added 2024/09/28 12:18 a.m.13 views

[SECURITY] Fedora 41 Update: libcupsfilters-2.1~b1-3.fc41

Libcupsfilters provides a library, which implements common functions used in cups-browsed daemon and printing filters, and additional files as banner templates and character sets. The filters are used in CUPS daemon and in printer applications...

8.6CVSS7AI score0.76959EPSS
Exploits5
redhat
redhat
added 2024/08/20 4:14 p.m.10 views

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

6.7CVSS5.8AI score0.02421EPSS
Exploits1References5
redhat
redhat
added 2024/07/24 8:50 a.m.5 views

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

6.7CVSS5.8AI score0.02421EPSS
Exploits1References5
redhat
redhat
added 2024/07/02 3:43 p.m.5 views

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

6.7CVSS5.8AI score0.02421EPSS
Exploits1References5
osv
osv
added 2023/06/22 11:15 p.m.2 views

DEBIAN-CVE-2023-34241

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...

7.1CVSS6.3AI score0.01395EPSS
Exploits1References1
susecve
susecve
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-0949

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...

7.5CVSS6.8AI score0.19633EPSS
Exploits3References4
Rows per page
Query Builder