Lucene search
K

163 matches found

OSV
OSV
added 2024/06/11 2:13 p.m.31 views

CVE-2024-35235 Cupsd Listen arbitrary chmod 0140777

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...

4.4CVSS5.4AI score0.02421EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2024/06/11 2:13 p.m.35 views

CVE-2024-35235

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...

6.7CVSS6.1AI score0.02421EPSS
Exploits1
Fedora
Fedora
added 2023/09/26 1:22 a.m.23 views

[SECURITY] Fedora 38 Update: libppd-2.0~rc2-4.fc38

Libppd provides all PPD related function/API which is going to be removed from CUPS 3.X, but are still required for retro-fitting support of legacy printers. The library is meant only for retro-fitting printer applications, any new printer drivers have to be written as native printer application...

7CVSS7.6AI score0.00663EPSS
Exploits2
OSV
OSV
added 2023/09/21 11:15 p.m.6 views

AZL-37100 CVE-2023-4504 affecting package cups for versions less than 2.4.10-1

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

7CVSS7.4AI score0.00663EPSS
Exploits2References1
OSV
OSV
added 2023/09/21 11:15 p.m.8 views

AZL-37075 CVE-2023-4504 affecting package cups for versions less than 2.3.3op2-7

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

7CVSS7.4AI score0.00663EPSS
Exploits2References1
OSV
OSV
added 2023/09/21 11:15 p.m.55 views

CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

7CVSS7.5AI score0.00663EPSS
Exploits2References11
OSV
OSV
added 2023/09/21 11:15 p.m.2 views

DEBIAN-CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

7CVSS7.6AI score0.00663EPSS
Exploits2References1
AlpineLinux
AlpineLinux
added 2023/09/21 10:47 p.m.41 views

CVE-2023-4504

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...

7CVSS7.7AI score0.00663EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2023/09/20 2:24 p.m.40 views

CVE-2023-4504

A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. Mitigation For a successful attack, the victim had to install a PPD...

7CVSS7.4AI score0.00663EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.2 views

SUSE CVE-2017-15400

Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...

9.3CVSS8.7AI score0.00878EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2022/08/30 10:4 p.m.10 views

ppd-bg.com Cross Site Scripting vulnerability OBB-2878398

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/05/15 8:49 a.m.11 views

ppd-bg.com Cross Site Scripting vulnerability OBB-2618274

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
OpenVAS
OpenVAS
added 2021/03/05 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2021-1573)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00387EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.30 views

CentOS 8 : cups (CESA-2020:4469)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4469 advisory. - cups: heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c CVE-2020-3898 Note that Nessus has not tested for this issue but has instead relied...

7.8CVSS7AI score0.00387EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.37 views

EulerOS Virtualization 3.0.6.6 : cups (EulerOS-SA-2020-2464)

According to the version of the cups packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - heap based buffer overflow in libcups's ppdFindOption in ppd-mark.cCVE-2020-3898 Note that Tenable Network Security has extracted the...

7.8CVSS7AI score0.00387EPSS
Exploits0References2
Veracode
Veracode
added 2020/11/05 3:19 a.m.30 views

Denial Of Service (DoS)

cups is vulnerable to denial of service DoS. The vulnerability exists through heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c...

7.8CVSS2.3AI score0.00387EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2020/11/04 2:0 a.m.2 views

cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges...

7.8CVSS7.2AI score0.00387EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.20 views

RHEL 8 : cups (RHSA-2020:4469)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4469 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: heap...

7.8CVSS7AI score0.00387EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2020/10/30 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-2241)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00387EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/04/27 3:18 p.m.77 views

USN-4340-1: CUPS vulnerabilities

It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10...

7.8CVSS6.7AI score0.00387EPSS
Exploits0
Rows per page
Query Builder