Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2025/10/01 5:36 p.m.6 views

cups: Authentication Bypass in CUPS Authorization Handling

A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize...

8CVSS7.1AI score0.00964EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/09/30 12:23 p.m.5 views

cups: Authentication Bypass in CUPS Authorization Handling

A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize...

8CVSS7.1AI score0.00964EPSS
Exploits1References5
CVE
CVE
added 2025/09/11 5:6 p.m.448 views

CVE-2025-58060

Summary: CVE-2025-58060 affects OpenPrinting CUPS and related package updates across Linux distributions, allowing authentication bypass when AuthType is not Basic but the request carries an Authorization: Basic header. The root cause is improper validation in cupsdAuthorize(), which can bypass p...

8CVSS6.7AI score0.00964EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2025/09/11 4:10 p.m.28 views

cups: Authentication Bypass in CUPS Authorization Handling

A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize...

8CVSS7.1AI score0.00964EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2013/03/14 4:40 p.m.4 views

Security: Ability to determine if username is valid via DaoAuthenticationProvider

DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of logi...

5CVSS7.4AI score0.01936EPSS
Exploits0References4
Rows per page
Query Builder