Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cups vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should hav...
Openprinting Cups
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Apple Macos
NA
CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
Apple Cups 1.7.4
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
7.5
CVSSv3
CVE-2017-18190
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS prior to 2.2.2 allows remote malicious users to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is of...
Apple Cups
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
NA
CVE-2010-0540
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS prior to 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 prior to 10.6.4, and other platforms, allows remote malicious users to hijack the authentication of administrators for requests that change...
Apple Mac Os X 10.5.8
Apple Mac Os X Server 10.5.8
Apple Mac Os X Server 10.6.3
Apple Mac Os X 10.6.3
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
Apple Mac Os X 10.6.1
Apple Mac Os X Server 10.6.0
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.2
NA
CVE-2009-2820
The web interface in CUPS prior to 1.4.2, as used on Apple Mac OS X prior to 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote malicious users to conduct cross-site scripting (XSS) attacks and HTTP response splitting...
Apple Mac Os X 10.5.8
Apple Mac Os X 10.4.3
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.7
Apple Mac Os X 10.0.2
Apple Mac Os X 10.2.8
Apple Mac Os X 10.2.1
Apple Mac Os X 10.5.6
Apple Mac Os X 10.3.1
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3.0
Apple Mac Os X 10.4.1
Apple Mac Os X 10.1
Apple Mac Os X 10.5.5
Apple Mac Os X 10.5.1
Apple Mac Os X 10.0.1
Apple Mac Os X 10.4.10
Apple Mac Os X 10.0.3
Apple Mac Os X 10.4.9
Apple Mac Os X 10.1.4
Apple Mac Os X 10.2.4
Apple Mac Os X 10.4.7
1 EDB exploit
7.8
CVSSv3
CVE-2020-3898
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
Apple Mac Os X
NA
CVE-2007-3387
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler prior to 0.5.91, (2) gpdf prior to 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote malicious users to execute arbitrary code via ...
Xpdfreader Xpdf 3.02
Apple Cups
Freedesktop Poppler
Gpdf Project Gpdf
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
5.5
CVSSv3
CVE-2023-32360
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.
Apple Macos
7.5
CVSSv3
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS prior to 1.3.10 does not properly initialize memory for IPP request packets, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecu...
Apple Cups
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Apple Mac Os X Server
Apple Mac Os X
Opensuse Opensuse 10.3
Suse Linux Enterprise 10.0
Suse Linux Enterprise 9.0
1 EDB exploit
8.2
CVSSv3
CVE-2018-4182
In macOS High Sierra prior to 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS.
Apple Mac Os X
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »