SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups-filters (SUSE-SU-2026:1948-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1948-1 advisory. This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printe...

Security update for cups-filters

This update for cups-filters fixes the following issues error about PPD file during 'driverless' printer setup bsc1256868. ppd pull out from driverless printer feature broken bsc1256977. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2026:1948-1 Security update for cups-filters

This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printer setup bsc1256868. - ppd pull out from driverless printer feature broken bsc1256977...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2025-15275

FontForge SFD File Parsing Heap-based Buffer Overflow (CVE-2025-15275) affects FontForge and enables remote code execution. The flaw occurs in the SFD parser, where the length of user-supplied data is not properly validated before copying to a heap-based buffer, allowing an attacker to run arbitr...

Malicious code in keyla-poke80 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fead89eccdb880a74be8f3053b394cc603dcbb494fb0f25618a04adbdf861b9e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in okta-rojak76-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d9f45f45f49406f06fe02b9fa5151af604f5befab23d69271e29fde388fcd6b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-78626 Malicious code in hadianto-bakso50-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 818075c7e9e1969c46e977fbc980910cff86501bb5a42b7c88266f4100b2c49b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in additional-red-crayfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cedec46ce37ac2717592c0826c48e2ecdbef71ad22fadb60b6008ced07774fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-12327

A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This issue affects some unknown processing of the file /description.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been public...

CVE-2025-12327 shawon100 RUET OJ description.php sql injection

A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. This issue affects some unknown processing of the file /description.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been public...

EUVD-2000-0797

Malware in sbrugna...

EUVD-2007-5742

Malware in sbrugna...

Security update for cups-filters

This update for cups-filters fixes the following issues: CVE-2024-47175: no validation of IPP attributes in ppdCreatePPDFromIPP2 when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD bsc1230932. Patch Instructions: To install this SUSE upda...

CVE-2025-22421

In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

USN-7044-1 libcupsfilters vulnerability

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

PT-2024-6441

Name of the Vulnerable Software and Affected Versions CUPS versions 2.x cups-filters versions up to 2.0.1 Description The issue is related to the FoomaticRIPCommandLine function in the CUPS printing system, which allows remote command execution via a PPD file. This can be exploited when combined...

CVE-2024-3002

A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

Online Book System SQL注入漏洞

Online Book System is an online booking system. A SQL injection vulnerability exists in Online Book System version 1.0, which originates from a lack of validation of externally entered SQL statements in the ID parameter of the /description.php file. An attacker can exploit this vulnerability to...