CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2025/01/28 10:8 p.m.•20 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to arbitrary code execution [CVE-2024-47175]

Summary OpenPrinting libppd is present as a Red Hat package in the IBM App Connect Enterprise Certified Container images used by the DesignerAuthoring operand. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to arbitrary code execution. This bulletin...

9.8CVSS7.5AI score0.36802EPSS

Exploits14Affected Software1

RedHat Linux•added 2025/01/08 12:3 p.m.•3 views

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

Tenable Nessus•added 2024/12/12 12:0 a.m.•8 views

EulerOS 2.0 SP12 : cups (EulerOS-SA-2024-2947)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2...

9.8CVSS8.1AI score0.87593EPSS

Tenable Nessus•added 2024/12/12 12:0 a.m.•8 views

EulerOS 2.0 SP12 : cups (EulerOS-SA-2024-2932)

9.8CVSS8.1AI score0.87593EPSS

Tenable Nessus•added 2024/12/12 12:0 a.m.•10 views

EulerOS 2.0 SP11 : cups (EulerOS-SA-2024-2963)

9.8CVSS8.1AI score0.87593EPSS

Packet Storm•added 2024/11/22 12:0 a.m.•566 views

CUPS IPP Attributes LAN Remote Code Execution

class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Exploit::Remote::DNS::Common include Exploit::Remote::SocketServer include Msf::Exploit::Remote::HttpServer::HTML Accessor for IPP HTTP service attraccessor :service2 MULTICASTADDR = '224.0.0.251' Define IPP constants module...

8.6CVSS7.4AI score0.87593EPSS

Exploits17

Tenable Nessus•added 2024/11/14 12:0 a.m.•4 views

Fedora 41 : cups / cups-browsed / libcupsfilters / libppd (2024-3fc82fed09)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-3fc82fed09 advisory. Fix for remove vulnerabilities against OpenPrinting cups-filters Tenable has extracted the preceding description block directly from the Fedora security...

5.6AI score

Exploits0References1

IBM Security Bulletins•added 2024/11/13 11:48 a.m.•20 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Endpoint Management

Summary Multiple vulnerabilities were addressed in IBM Event Endpoint Management version 11.3.2 Vulnerability Details CVEID:CVE-2024-47176 DESCRIPTION: OpenPrinting cups-browsed could allow a remote attacker to obtain sensitive information, caused by the binding on UDP INADDRANY:631 and trusting...

9.8CVSS9.9AI score0.87593EPSS

Exploits17Affected Software1

RedHat Linux•added 2024/11/12 10:27 a.m.•2 views

cups: libppd: remote command injection via attacker controlled data in PPD file

OSV•added 2024/10/12 11:9 a.m.•2 views

OESA-2024-2225 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers.. Security Fixes: CUPS is a standards-based, open-source printing system, and libppd ca...

9.8CVSS7.4AI score0.36802EPSS

Exploits14References2

OSV•added 2024/10/12 11:9 a.m.•3 views

OESA-2024-2223 cups security update

9.8CVSS7.4AI score0.36802EPSS

Exploits14References2

OSV•added 2024/10/06 7:0 p.m.•0 views

UBUNTU-CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

9.8CVSS7.5AI score0.36802EPSS

Exploits14References8

RedHat Linux•added 2024/10/03 11:27 a.m.•3 views

cups: libppd: remote command injection via attacker controlled data in PPD file

RedHat Linux•added 2024/10/03 11:27 a.m.•14 views

Important: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update...

9.8CVSS7.2AI score0.87593EPSS

Exploits17References4

RedHat Linux•added 2024/10/02 11:35 a.m.•3 views

cups: libppd: remote command injection via attacker controlled data in PPD file

Tenable Nessus•added 2024/10/02 12:0 a.m.•22 views

RHEL 7 : cups-filters (RHSA-2024:7551)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7551 advisory. The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System CUPS...

9.8CVSS7.6AI score0.87593EPSS

Exploits17References9

RedHat Linux•added 2024/10/01 6:38 p.m.•22 views

Important: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.2AI score0.87593EPSS

Exploits17References4

RedHat Linux•added 2024/10/01 6:38 p.m.•3 views

cups: libppd: remote command injection via attacker controlled data in PPD file