Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cups vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-8425
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php.
Cups Easy \\(purchase \\& Inventory\\) Project Cups Easy \\(purchase \\& Inventory\\) 1.0
1 Github repository
107
VMScore
CVE-2013-6891
lppasswd in CUPS prior to 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
Apple Cups
Apple Cups 1.7
Apple Cups 1.7.1
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
605
VMScore
CVE-2008-1374
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote malicious users to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.
Apple Cups
383
VMScore
CVE-2018-4300
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.
Apple Cups
187
VMScore
CVE-2008-1033
The scheduler in CUPS in Apple Mac OS X 10.5 prior to 10.5.3, when debug logging is enabled and a printer requires a password, allows malicious users to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables."...
Apple Cups
614
VMScore
CVE-2009-0032
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
Apple Cups
312
VMScore
CVE-2017-18248
The add_job function in scheduler/ipp.c in CUPS prior to 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
Apple Cups
605
VMScore
CVE-2014-9679
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS prior to 2.0.2 allows remote malicious users to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
Apple Cups
695
VMScore
CVE-2008-5377
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
Apple Cups 1.3.8
1 EDB exploit
642
VMScore
CVE-2012-5519
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging th...
Apple Cups 1.4.4
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »