Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c.
7.7AI Score
0.005EPSS
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
8.4AI Score
0.03EPSS
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.
9.1AI Score
0.1EPSS
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.
8.3AI Score
0.867EPSS
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer....
9.7AI Score
0.209EPSS
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
7.2AI Score
0.013EPSS
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
9.8CVSS
9.2AI Score
0.032EPSS
The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.
8.8CVSS
8.8AI Score
0.014EPSS
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_...
7.5AI Score
0.918EPSS
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
5AI Score
0.78EPSS
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubunt...
8.8CVSS
8.3AI Score
0.0004EPSS