from 0, < 2.3.3op2-3+deb11u9
from 0, < 2.4.2-3+deb12u8
from 0, < 2.3.3op2-3+deb11u9
CRITICAL9.8ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allow…
from 0, < 1.4.4-7
CRITICAL9.8CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a pri…
from 0, < 1.1.20final+rc1-1
HIGH8.8A buffer overflow issue was addressed with improved memory handling.
from 0, < 2.2.12-1
HIGH8.8A buffer overflow issue was addressed with improved memory handling.
from 0, < 2.2.12-1
HIGH8.8The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links.
from 0, < 2.2.8-5
HIGH8.8The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attack…
from 0
HIGH8.0cups - security update
from 0, < 2.3.3op2-3+deb11u10
HIGH8.0cups - security update
from 0, < 2.3.3op2-3+deb11u10
HIGH8.0cups - security update
from 0, < 2.4.2-3+deb12u9
HIGH7.8A memory corruption issue was addressed with improved validation.
from 0, < 2.3.1-12
HIGH7.8cups - security update
from 0, < 1.7.5-11+deb8u4
HIGH7.8cups - security update
from 0, < 2.2.8-2
HIGH7.8cups - security update
from 0, < 2.2.3-2
HIGH7.8cups - security update
from 0, < 2.2.1-8+deb9u2
HIGH7.5OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
HIGH7.5cups - security update
from 0, < 1.5.3-5+deb7u7
HIGH7.5cups - security update
from 0, < 2.2.3-2
HIGH7.5cups - security update
from 0, < 1.7.5-11+deb8u3
HIGH7.5Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the…
from 0, < 1.4.2-10
HIGH7.5Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the…
from 0, < 1.4.2-4
HIGH7.5cups cupsys - denial of service
from 0, < 1.3.8-1+lenny6
HIGH7.5cups cupsys - denial of service
from 0, < 1.3.10-1
HIGH7.5cups - several
from 0, < 1.3.8-1+lenny9
HIGH7.5cups - several
from 0, < 1.3.9-13
HIGH7.5Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, w…
from 0, < 1.1.18-1
HIGH7.1cups - security update
from 0, < 2.2.10-6+deb10u8
HIGH7.1cups - security update
from 0, < 2.3.3op2-3+deb11u3
HIGH7.0Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-…
from 0, < 2.3.3op2-3+deb11u4
MEDIUM6.7OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM6.7cups - security update
from 0, < 2.3.3op2-3+deb11u7
MEDIUM6.7cups - security update
from 0, < 2.2.10-6+deb10u10
MEDIUM6.7cups - security update
from 0, < 2.3.3op2-3+deb11u2
MEDIUM6.7cups - security update
from 0, < 2.2.10-6+deb10u6
MEDIUM6.7cups - security update
from 0, < 2.2.1-8+deb9u8
MEDIUM6.5OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM6.5OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0, < 2.3.3op2-3+deb11u10
MEDIUM6.3OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM6.2OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM6.2OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM5.9cups - security update
from 0, < 2.2.10-1
MEDIUM5.9cups - security update
from 0, < 1.7.5-11+deb8u6
MEDIUM5.5OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM5.5cups - security update
from 0, < 2.3.3op2-3+deb11u4
MEDIUM5.5cups - security update
from 0, < 2.2.10-6+deb10u9
MEDIUM5.5cups - security update
from 0, < 2.2.10-6+deb10u7
MEDIUM5.5cups - security update
from 0, < 2.3.3op2-3+deb11u3
MEDIUM5.5cups - security update
from 0, < 2.2.1-8+deb9u7
MEDIUM5.5cups - security update
from 0, < 2.3.3op2-1
MEDIUM5.5cups - security update
from 0, < 1.7.5-11+deb8u7
MEDIUM5.5cups - security update
from 0, < 2.3.1-1
MEDIUM5.5cups - security update
from 0, < 1.7.5-11+deb8u5
MEDIUM5.5cups - security update
from 0, < 2.2.12-1
MEDIUM5.5In macOS High Sierra before 10.13.5, an issue existed in CUPS.
from 0, < 2.2.8-2
MEDIUM5.4OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM5.3OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
MEDIUM5.3cups - security update
from 0, < 2.2.6-1
MEDIUM5.3cups - security update
from 0, < 1.5.3-5+deb7u8
LOW3.3cups - security update
from 0, < 2.3.1-12
LOW3.3cups - security update
from 0, < 1.7.5-11+deb8u8
—OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems.
from 0
—Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (cra…
from 0, < 1.5.0-16
—cups-filters - security update
from 0, < 1.5.0-16
—cups-filters - security update
from 0, < 1.4.4-7+squeeze10
—Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows…
from 0, < 1.7.5-12
—cups - security update
from 0, < 1.5.3-5+deb7u6
—cups - security update
from 0, < 1.7.5-12
—cups - security update
from 0, < 1.4.4-7+squeeze8
—cups - security update
from 0, < 1.7.5-11
—cups - security update
from 0, < 1.4.4-7+squeeze7
—cups - security update
from 0, < 1.5.3-5+deb7u5
—The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains se…
from 0, < 1.7.4-2
—CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index…
from 0, < 1.7.4-2
—The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cup…
from 0, < 1.7.4-2
—cups - security update
from 0, < 1.4.4-7+squeeze6
—cups - security update
from 0, < 1.7.4-1
—cups - security update
from 0, < 1.5.3-5+deb7u4
—Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers t…
from 0, < 1.7.2-1
—The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local us…
from 0, < 1.5.0-16
—Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0…
from 0, < 1.5.0-16
—cups - security update
from 0, < 1.5.0-16
—cups - security update
from 0, < 1.4.4-7+squeeze4
—lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified H…
from 0, < 1.7.1-1
—cups - privilege escalation
from 0, < 1.4.4-7+squeeze2
—cups - privilege escalation
from 0, < 1.5.3-2.7
—The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, wh…
from 0, < 1.5.0-8
—cups - several
from 0, < 1.5.0-8
—cups - several
from 0, < 1.4.4-7+squeeze1
—The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a dem…
from 0, < 1.4.4-1
—The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink att…
from 0, < 1.4.4-1
—The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of c…
from 0, < 1.4.4-1
—The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 1…
from 0, < 1.4.4-1
—Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6…
from 0, < 1.4.4-1
—cups - arbitrary code execution
from 0, < 1.4.2-9.1
—cups - arbitrary code execution
from 0, < 1.3.8-1+lenny8
—cups cupsys - cross-site scripting
from 0, < 1.3.8-1+lenny7
—cups cupsys - cross-site scripting
from 0, < 1.4.2-1
—The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd…
from 0, < 1.1.99.b1.r4748-1
—Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and…
from 0, < 1.3.10-1
—The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attac…
from 0, < 1.3.10-1
—cups cupsys - arbitrary code execution
from 0, < 1.3.8-1lenny5
—cups cupsys - arbitrary code execution
from 0, < 1.3.10-1
—pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a differ…
from 0, < 1.3.8-1lenny1
—cupsys - arbitrary code execution
from 0, < 1.3.8-1lenny4
—The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which make…
from 0, < 1.3.8-1
—Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a craft…
from 0, < 1.3.8-1lenny2
—cupsys - several vulnerabilities
from 0, < 1.3.8-1lenny2
—The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen…
from 0, < 1.3.8-1lenny2
—The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attacke…
from 0, < 1.3.7-1
—Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (…
from 0, < 1.3.7-2
—cupsys - buffer overflow
from 0, < 1.3.7-1
—cupsys - arbitrary code execution
from 0, < 1.3.6-1
—cupsys - multiple vulnerabilities
from 0, < 1.3.6-3
—cupsys - arbitrary code execution
from 0, < 1.3.6-1
—cupsys
from 0, < 1.3.5-1
—Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
from 0, < 1.2.0
—pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].…
from 0, < 1.3.5-1
—kdegraphics - buffer overflow with arbitrary code execution
from 0, < 1.1.22-7
—Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a c…
from 0, < 1.1.22-7
—koffice - several vulnerabilities
from 0, < 1.1.22-7
—cupsys - buffer overflow
from 0, < 1.3.4-1
—The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service…
from 0, < 1.2
—The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL…
from 0, < 1.2.7-1
—The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others al…
from 0, < 1.1.22-7
—Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
from 0, < 1.1.22-7
—Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, popp…
from 0, < 1.1.22-7
—Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
from 0, < 1.1.22-7
—Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to m…
from 0, < 1.1.22-7
—Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbit…
from 0, < 1.1.23-10sarge1
—koffice - several
from 0, < 1.1.23-13
—pdftohtml - several
from 0, < 1.1.23-13
—Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier…
from 0, < 1.1.23-13
—The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of servi…
from 0, < 1.1.23-1
—gpdf - multiple vulnerabilities
from 0, < 1.1.22-7
—xpdf - buffer overflow
from 0, < 1.1.22-6
—The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux…
from 0, < 1.1.22-7
—cupsys - unsanitised input
from 0, < 1.1.20final+rc1-9
—tetex-bin - integer overflows
from 0, < 1.1.22-6
—lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling t…
from 0, < 1.1.22-2
—cupsys - buffer overflow
from 0, < 1.1.22-2
—Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arb…
from 0, < 1.1.22-2
—lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, do…
from 0, < 1.1.22-2
—lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which…
from 0, < 1.1.22-2
—cupsys - denial of service
from 0, < 1.1.20final+rc1-6
—Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denia…
from 0, < 1.1.19
—cupsys - denial of service
from 0, < 1.1.19final-1
—xpdf - integer overflow
from 0, < 1.1.18-1
—cupsys - several vulnerabilities
from 0, < 1.1.18-1
—Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute…
from 0, < 1.1.18-1
—jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the opti…
from 0, < 1.1.18-1
—filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which a…
from 0, < 1.1.18-1
—Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via…
from 0, < 1.1.18-1
—Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP p…
from 0, < 1.1.18-1