Search CVE reports
31 – 40 of 134 results
Some fixes available 5 of 7
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
2 affected packages
cups-filters, foomatic-filters
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups-filters | — | — | — | — |
| foomatic-filters | — | — | — | — |
Some fixes available 1 of 2
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request.
2 affected packages
cups-filters, ippusbxd
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups-filters | — | — | — | — |
| ippusbxd | — | — | — | — |
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which...
1 affected package
cups-filters
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups-filters | — | — | — | — |
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small...
1 affected package
cups-filters
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups-filters | — | — | — | — |
Some fixes available 31 of 85
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to...
23 affected packages
clamav, radare2, librcsb-core-wrapper, efl, alpine...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| clamav | Fixed | Fixed | Fixed | Fixed |
| radare2 | Not affected | Not in release | Not affected | Not affected |
| librcsb-core-wrapper | Not affected | Not affected | Not affected | Not affected |
| efl | Not affected | Not affected | Not affected | Not affected |
| alpine | Not affected | Not affected | Not affected | Not affected |
| ptlib | Not in release | Not in release | Not in release | Not affected |
| nvi | Not affected | Not affected | Not affected | Not affected |
| openrpt | Not in release | Not in release | Not in release | Vulnerable |
| cups | Not affected | Not affected | Not affected | Not affected |
| haskell-regex-posix | Not affected | Not affected | Not affected | Not affected |
| llvm-toolchain-3.4 | Not in release | Not in release | Not in release | Not in release |
| llvm-toolchain-3.5 | Not in release | Not in release | Not in release | Not in release |
| llvm-toolchain-3.6 | Not in release | Not in release | Not in release | Not in release |
| newlib | Not affected | Not affected | Not affected | Not affected |
| olsrd | Not in release | Not in release | Not in release | Not affected |
| php5 | Not in release | Not in release | Not in release | Not in release |
| sma | Not affected | Not affected | Not affected | Not affected |
| vigor | Not affected | Not affected | Not affected | Not affected |
| vnc4 | Not in release | Not in release | Not in release | Not affected |
| yap | Not in release | Not in release | Not in release | Not affected |
| z88dk | Not in release | Not in release | Not in release | Not in release |
| knews | Not affected | Not affected | Not affected | Not affected |
| llvm-toolchain-snapshot | Not in release | Not in release | Not in release | Not in release |
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE:...
1 affected package
cups-filters
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups-filters | — | — | — | — |
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
1 affected package
cups
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups | — | — | — | — |
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for...
1 affected package
cups
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups | — | — | — | — |
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
1 affected package
cups
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups | — | — | — | — |
The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.
1 affected package
cups
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cups | — | — | — | Not affected |