Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cups vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-8675
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
Apple Mac Os X
578
VMScore
CVE-2019-8696
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
Apple Mac Os X
570
VMScore
CVE-2009-0164
The web interface for CUPS prior to 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote malicious users to conduct DNS rebinding attacks.
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.19
Apple Cups 1.1.16
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.6-1
Apple Cups 1.2.6
Apple Cups 1.2.4
Apple Cups 1.2.3
Apple Cups 1.3.0
Apple Cups 1.2
Apple Cups 1.3.1
Apple Cups 1.3
Apple Cups 1.1
Apple Cups 1.1.10-1
Apple Cups 1.1.13
Apple Cups 1.1.18
Apple Cups 1.1.17
Apple Cups 1.1.21
552
VMScore
CVE-2002-1366
Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.
Easy Software Products Cups 1.1.1
Easy Software Products Cups 1.1.10
Easy Software Products Cups 1.1.17
Easy Software Products Cups 1.1.4
Easy Software Products Cups 1.1.13
Easy Software Products Cups 1.1.14
Easy Software Products Cups 1.0.4
Easy Software Products Cups 1.1.6
Easy Software Products Cups 1.1.7
Apple Mac Os X 10.2
Apple Mac Os X 10.2.2
534
VMScore
CVE-2010-0540
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS prior to 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 prior to 10.6.4, and other platforms, allows remote malicious users to hijack the authentication of administrators for requests that change...
Apple Mac Os X 10.6.1
Apple Mac Os X Server 10.6.0
Apple Mac Os X 10.5.8
Apple Mac Os X 10.6.0
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.6.3
Apple Mac Os X 10.6.3
Apple Mac Os X Server 10.5.8
Apple Mac Os X Server 10.6.1
Apple Mac Os X 10.6.2
505
VMScore
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS prior to 1.3.10 does not properly initialize memory for IPP request packets, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecu...
Apple Cups
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Apple Mac Os X Server
Apple Mac Os X
Opensuse Opensuse 10.3
Suse Linux Enterprise 10.0
Suse Linux Enterprise 9.0
1 EDB exploit
454
VMScore
CVE-2011-3170
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and previous versions does not properly handle the first code word in an LZW stream, which allows remote malicious users to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted strea...
Apple Cups 1.4
Apple Cups 1.4.0
Apple Cups 1.1.5-1
Apple Cups 1.1.5-2
Apple Cups 1.1.9-1
Apple Cups 1.1.10-1
Apple Cups 1.1.15
Apple Cups 1.1.18
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.2
Apple Cups 1.2.8
Apple Cups 1.2.9
Apple Cups 1.4.1
Apple Cups 1.4.2
Apple Cups 1.1.6
Apple Cups 1.1.6-1
Apple Cups 1.1.10
Apple Cups 1.1.6-3
Apple Cups 1.1.17
Apple Cups 1.1.12
454
VMScore
CVE-2011-2896
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS prior to 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and previous ve...
Swi-prolog Swi-prolog
Apple Cups
Gimp Gimp
445
VMScore
CVE-2017-18190
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS prior to 2.2.2 allows remote malicious users to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is of...
Apple Cups
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
445
VMScore
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »