Search CVE reports
41 – 50 of 135 results
CVE-2015-2305
Medium prioritySome fixes available 30 of 84
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to...
23 affected packages
alpine, clamav, cups, efl, haskell-regex-posix...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
alpine | Not affected | Not affected | Not affected | Not affected | Not affected |
clamav | Fixed | Fixed | Fixed | Fixed | Fixed |
cups | Not affected | Not affected | Not affected | Not affected | Not affected |
efl | Not affected | Not affected | Not affected | Not affected | Not affected |
haskell-regex-posix | Not affected | Not affected | Not affected | Not affected | Not affected |
knews | Not affected | Not affected | Not affected | Not affected | Not affected |
librcsb-core-wrapper | Not affected | Not affected | Not affected | Not affected | Not affected |
llvm-toolchain-3.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
llvm-toolchain-3.5 | Not in release | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-3.6 | Not in release | Not in release | Not in release | Not in release | Not affected |
llvm-toolchain-snapshot | Not in release | Not in release | Not in release | Not in release | Not in release |
newlib | Not affected | Not affected | Not affected | Not affected | Not affected |
nvi | Not affected | Not affected | Not affected | Not affected | Vulnerable |
olsrd | Not in release | Not in release | Not in release | Not affected | Not affected |
openrpt | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
php5 | Not in release | Not in release | Not in release | Not in release | Not in release |
ptlib | Not in release | Not in release | Not in release | Not affected | Not affected |
radare2 | Not affected | Not in release | Not affected | Not affected | Vulnerable |
sma | Not affected | Not affected | Not affected | Not affected | Not affected |
vigor | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Not affected | Not affected |
yap | Not in release | Not in release | Not in release | Not affected | Not affected |
z88dk | Not in release | Not in release | Not in release | Not in release | Not affected |
CVE-2015-2265
Medium priorityThe remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE:...
1 affected package
cups-filters
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups-filters | — | — | — | — | — |
CVE-2014-9679
Medium priorityInteger underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
1 affected package
cups
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups | — | — | — | — | — |
CVE-2014-5031
Medium priorityThe web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
1 affected package
cups
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups | — | — | — | — | — |
CVE-2014-5030
Medium priorityCUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
1 affected package
cups
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups | — | — | — | — | — |
CVE-2014-5029
Medium priorityThe web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of...
1 affected package
cups
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups | — | — | — | — | — |
CVE-2014-3537
Medium priorityThe web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
1 affected package
cups
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups | — | — | — | — | — |
CVE-2014-4338
Low prioritycups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as...
1 affected package
cups-filters
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups-filters | — | — | — | — | — |
CVE-2014-4337
Medium priorityThe process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.
1 affected package
cups-filters
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups-filters | — | — | — | — | — |
CVE-2014-4336
Medium priorityThe generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability...
1 affected package
cups-filters
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
cups-filters | — | — | — | — | — |