CLSA-2026-1769515411 cups: Fix of CVE-2025-61915

CVE-2025-61915: fix out-of-bound write issue caused by inserting malicious line in cups web UI config...

CLSA-2026-1768988530 cups: Fix of CVE-2025-58436

CVE-2025-58436: fix unresponsive cupsd process caused by a slow client...

EUVD-2020-25314

Malware in sbrugna...

EUVD-2014-8007

Malware in sbrugna...

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

USN-6844-2 cups regression

USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara...

OESA-2024-1758 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers.. Security Fixes: OpenPrinting CUPS is an open source printing system for Linux and oth...

SUSE CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

SUSE CVE-2015-1158

The addjob function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted 1 IPPCREATEJOB or 2 IPPPRINTJOB...

Ubuntu: Security Advisory (USN-50-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-4060

In LoRa Basics Station before 2.0.4, there is a Use After Free vulnerability that leads to memory corruption. This bug is triggered on 32-bit machines when the CUPS server responds with a message https://doc.sm.tc/station/cupsproto.htmlhttp-post-response where the signature length is larger than ...

Design/Logic Flaw

In LoRa Basics Station before 2.0.4, there is a Use After Free vulnerability that leads to memory corruption. This bug is triggered on 32-bit machines when the CUPS server responds with a message https://doc.sm.tc/station/cupsproto.htmlhttp-post-response where the signature length is larger than ...

CVE-2020-4060 Use After Free in in cups_update_info in LoRa Basics Station

In LoRa Basics Station before 2.0.4, there is a Use After Free vulnerability that leads to memory corruption. This bug is triggered on 32-bit machines when the CUPS server responds with a message https://doc.sm.tc/station/cupsproto.htmlhttp-post-response where the signature length is larger than ...

Debian: Security Advisory (DLA-1387-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

Scientific Linux Security Update : cups-filters on SL7.x x86_64 (20151119)

A heap-based buffer overflow flaw and an integer overflow flaw leading to a heap-based buffer overflow were discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker able to submit print jobs could use these flaws to crash...

CentOS 7 : cups-filters (CESA-2015:2360)

Updated cups-filters packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

cups security update

CentOS Errata and Security Advisory CESA-2015:2360 Updated cups-filters packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...