Max CVSS 7.9 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-2896 5.1
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in
07-02-2022 - 18:44 19-08-2011 - 17:55
CVE-2020-3898 4.6
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
21-07-2021 - 11:39 22-10-2020 - 18:15
CVE-2019-8696 6.5
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execu
30-10-2020 - 02:22 27-10-2020 - 20:15
CVE-2018-4700 5.0
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this c
05-08-2019 - 19:15 05-08-2019 - 19:15
CVE-2015-1159 4.3
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
23-09-2017 - 01:29 26-06-2015 - 10:59
CVE-2012-5519 7.2
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary
29-08-2017 - 01:32 20-11-2012 - 00:55
CVE-2010-2941 7.9
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbi
17-08-2017 - 01:32 05-11-2010 - 17:00
CVE-2014-5031 5.0
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
07-01-2017 - 03:00 29-07-2014 - 14:55
Back to Top Mark selected
Back to Top