Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cups vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-5031
The web interface in CUPS prior to 2.0 does not check that files have world-readable permissions, which allows remote malicious users to obtains sensitive information via unspecified vectors.
Apple Cups 1.7.1
Apple Cups 1.7.0
Apple Cups
Apple Cups 1.7.3
Apple Cups 1.7.2
Apple Cups 1.7
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
1.2
CVSSv2
CVE-2013-6891
lppasswd in CUPS prior to 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
Apple Cups
Apple Cups 1.7
Apple Cups 1.7.1
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
7.2
CVSSv2
CVE-2012-5519
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging th...
Apple Cups 1.4.4
2 Github repositories
5.1
CVSSv2
CVE-2011-3170
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and previous versions does not properly handle the first code word in an LZW stream, which allows remote malicious users to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted strea...
Apple Cups 1.4
Apple Cups 1.4.0
Apple Cups 1.1.5-1
Apple Cups 1.1.5-2
Apple Cups 1.1.9-1
Apple Cups 1.1.10-1
Apple Cups 1.1.15
Apple Cups 1.1.18
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.2
Apple Cups 1.2.8
Apple Cups 1.2.9
Apple Cups 1.4.1
Apple Cups 1.4.2
Apple Cups 1.1.6
Apple Cups 1.1.6-1
Apple Cups 1.1.10
Apple Cups 1.1.6-3
Apple Cups 1.1.17
Apple Cups 1.1.12
5.1
CVSSv2
CVE-2011-2896
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS prior to 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and previous ve...
Swi-prolog Swi-prolog
Apple Cups
Gimp Gimp
7.5
CVSSv2
CVE-2010-3702
The Gfx::getPos function in the PDF parser in xpdf prior to 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent malicious users to cause a denial of service (crash) via unknown vectors that trigg...
Apple Cups
Freedesktop Poppler
Xpdfreader Xpdf
Xpdfreader Xpdf 3.02
Fedoraproject Fedora 12
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
9.3
CVSSv2
CVE-2010-2941
ipp.c in cupsd in CUPS 1.4.4 and previous versions does not properly allocate memory for attribute values with invalid string data types, which allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via...
Apple Cups
Apple Mac Os X Server
Apple Mac Os X
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Fedoraproject Fedora 14
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux 5.0
2.6
CVSSv2
CVE-2010-2431
The cupsFileOpen function in CUPS prior to 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
Apple Cups 1.3.6
Apple Cups 1.1
Apple Cups 1.1.3
Apple Cups 1.1.4
Apple Cups 1.1.8
Apple Cups 1.1.7
Apple Cups 1.1.14
Apple Cups 1.1.13
Apple Cups 1.1.19
Apple Cups 1.1.21
Apple Cups 1.1.23
Apple Cups 1.4.1
Apple Cups 1.2.3
Apple Cups 1.2.2
Apple Cups 1.2.12
Apple Cups 1.3
Apple Cups 1.3.4
Apple Cups 1.3.5
Apple Cups 1.3.11
Apple Cups 1.1.1
Apple Cups 1.1.5-1
Apple Cups 1.1.5
5
CVSSv2
CVE-2010-2432
The cupsDoAuthentication function in auth.c in the client in CUPS prior to 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
Apple Cups 1.1.2
Apple Cups 1.1.3
Apple Cups 1.1.6-3
Apple Cups 1.1.6-2
Apple Cups 1.1.12
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.20
Apple Cups 1.1.19
Apple Cups 1.1.21
Apple Cups 1.2
Apple Cups 1.4.1
Apple Cups 1.2.4
Apple Cups 1.2.3
Apple Cups 1.2.10
Apple Cups 1.2.11
Apple Cups 1.3.3
Apple Cups 1.3.4
Apple Cups 1.3.10
Apple Cups 1.3.11
Apple Cups 1.3.6
Apple Cups 1.1
6.8
CVSSv2
CVE-2010-0542
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS prior to 1.4.4 does not check the return values of certain calloc calls, which allows remote malicious users to cause a denial of service (NULL pointer dereference or heap memory corruption) ...
Apple Cups 1.1.1
Apple Cups 1.1.5-1
Apple Cups 1.1.5
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.16
Apple Cups 1.1.15
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.2.1
Apple Cups 1.2.0
Apple Cups 1.3.9
Apple Cups 1.2.7
Apple Cups 1.3
Apple Cups 1.3.8
Apple Cups 1.3.7
Apple Cups 1.1.5-2
Apple Cups 1.1.6
Apple Cups 1.1.10-1
Apple Cups 1.1.10
Apple Cups 1.1.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »