IDCVSSSummaryLast (major) updatePublished
CVE-2007-0720 5.0
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
15-12-2020 - 02:02 13-03-2007 - 21:19
CVE-2015-1159 4.3
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
23-09-2017 - 01:29 26-06-2015 - 10:59
CVE-2015-1158 10.0
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings v
23-09-2017 - 01:29 26-06-2015 - 10:59
CVE-2007-4351 10.0
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-ba
03-10-2018 - 21:47 31-10-2007 - 22:46
CVE-2014-8166 5.1
The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.
23-10-2020 - 13:22 12-01-2018 - 17:29
CVE-2018-6553 4.6
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-
03-10-2019 - 00:03 10-08-2018 - 15:29
Back to Top Mark selected
Back to Top