Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2020/06/10 10:26 p.m.7 views

MGASA-2020-0248 Updated cups packages fix security vulnerability

Updated cups packages fix security vulnerabilities: It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information CVE-2019-2228. Stephan...

8.8CVSS7.1AI score0.02091EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2019/05/14 11:52 a.m.23 views

CVE-2017-18190

A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS serve...

7.5CVSS6AI score0.03026EPSS
Exploits1References1
Mageia
Mageiaadded 2018/02/26 11:40 p.m.44 views

Updated cups packages fix security vulnerability

Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could...

7.5CVSS0.9AI score0.03026EPSS
Exploits1References2
OSV
OSVadded 2018/02/26 11:40 p.m.8 views

MGASA-2018-0147 Updated cups packages fix security vulnerability

Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could...

7.5CVSS7.4AI score0.03026EPSS
Exploits1References3
OSV
OSVadded 2014/07/29 2:55 p.m.2 views

CVE-2014-5030

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on 1 index.html, 2 index.class, 3 index.pl, 4 index.php, 5 index.pyc, or 6 index.py...

5.9AI score
Exploits0References11
Cvelist
Cvelistadded 2014/07/29 2:0 p.m.19 views

CVE-2014-5030

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on 1 index.html, 2 index.class, 3 index.pl, 4 index.php, 5 index.pyc, or 6 index.py...

7.2AI score0.00362EPSS
Exploits0References10
Debian CVE
Debian CVEadded 2009/11/20 2:0 a.m.28 views

CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...

7.5CVSS7.5AI score0.03913EPSS
Exploits1
Rows per page
Query Builder