Lucene search
K

8 matches found

BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.3 views

The vulnerability of the CUPS printing server arises from incorrect handling of symbolic links before accessing files. This allows attackers to gain access to confidential data.

The vulnerability of the CUPS printing server is related to an incorrect definition of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to gain access to confidential data when running the cupsd server with the Listen configuration element...

4.6CVSS5.4AI score0.02421EPSS
Exploits1References19Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.5 views

The vulnerability of the CUPS printing server stems from deficiencies in the authentication process, allowing attackers to gain access to confidential data.

The vulnerability of the CUPS printing server is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

5.5CVSS6.1AI score0.00347EPSS
Exploits0References15Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/07/17 12:0 a.m.5 views

The vulnerability of the httpClose function in the CUPS printing server allows a attacker to cause a service failure.

The vulnerability of the httpClose function in a CUPS printing server lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause service failures...

7.1CVSS6.5AI score0.01395EPSS
Exploits1References21Affected Software13
BDU FSTEC
BDU FSTEC
added 2021/07/06 12:0 a.m.5 views

The vulnerability of the ippReadIO function in the cups/ipp.c component of the printing server’s CUPS software lies in the lack of input validation mechanisms. This allows attackers to access confidential information.

The vulnerability of the ippReadIO function in the cups/ipp.c component of the printing server CUPS is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to gain access to confidential information remotely...

6.5CVSS6.6AI score0.01037EPSS
Exploits0References13Affected Software4
RedHat Linux
RedHat Linux
added 2020/03/31 8:58 p.m.5 views

cups: Predictable session cookie breaks CSRF protection

REJECTED CVE A predictable session cookie vulnerability was identified in the CUPS printing server. Insufficient randomness in session cookie generation made it easy to guess, undermining CSRF protection. This flaw allowed unauthorized scripted access to the CUPS web interface when enabled, posin...

7.3AI score
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.7 views

The vulnerability of the add_job function (scheduler/ipp.c) in the CUPS printing server allows a attacker to compromise data integrity.

The vulnerability of the addjob function in the scheduler/ipp.c file of the CUPS print server is related to insufficient validation of input data when D-Bus support is enabled. Exploiting this vulnerability could allow a malicious actor to compromise data integrity...

5.3CVSS5.5AI score0.02255EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.6 views

The vulnerability of the CUPS printing server, related to authentication errors, allows a perpetrator to gain access to confidential data.

The vulnerability of the CUPS printing server is related to the improper handling of certain include directives. This allows unprivileged users to gain access to and read arbitrary files from the superuser’s perspective. Exploiting this vulnerability enables a perpetrator to gain access to...

5.5CVSS6.6AI score0.00452EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of the CUPS printing server allows a attacker to modify the device configuration file or execute arbitrary code.

The vulnerability of the addjob function in the scheduler/ipp.c file of the CUPS printing server is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to modify the device configuration file remotely or execute arbitrary code using specially crafted...

10CVSS7.7AI score0.29913EPSS
Exploits8References8Affected Software1
Rows per page
Query Builder