Search CVE reports


Toggle filters

41 – 50 of 135 results


CVE-2015-2305

Medium priority

Some fixes available 30 of 84

Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to...

23 affected packages

alpine, clamav, cups, efl, haskell-regex-posix...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
alpine Not affected Not affected Not affected Not affected Not affected
clamav Fixed Fixed Fixed Fixed Fixed
cups Not affected Not affected Not affected Not affected Not affected
efl Not affected Not affected Not affected Not affected Not affected
haskell-regex-posix Not affected Not affected Not affected Not affected Not affected
knews Not affected Not affected Not affected Not affected Not affected
librcsb-core-wrapper Not affected Not affected Not affected Not affected Not affected
llvm-toolchain-3.4 Not in release Not in release Not in release Not in release Not in release
llvm-toolchain-3.5 Not in release Not in release Not in release Not in release Not affected
llvm-toolchain-3.6 Not in release Not in release Not in release Not in release Not affected
llvm-toolchain-snapshot Not in release Not in release Not in release Not in release Not in release
newlib Not affected Not affected Not affected Not affected Not affected
nvi Not affected Not affected Not affected Not affected Vulnerable
olsrd Not in release Not in release Not in release Not affected Not affected
openrpt Not in release Not in release Not in release Vulnerable Vulnerable
php5 Not in release Not in release Not in release Not in release Not in release
ptlib Not in release Not in release Not in release Not affected Not affected
radare2 Not affected Not in release Not affected Not affected Vulnerable
sma Not affected Not affected Not affected Not affected Not affected
vigor Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected Not affected
yap Not in release Not in release Not in release Not affected Not affected
z88dk Not in release Not in release Not in release Not in release Not affected
Show all 23 packages Show less packages

CVE-2015-2265

Medium priority
Fixed

The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE:...

1 affected package

cups-filters

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups-filters
Show less packages

CVE-2014-9679

Medium priority
Fixed

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.

1 affected package

cups

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups
Show less packages

CVE-2014-5031

Medium priority
Fixed

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

1 affected package

cups

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups
Show less packages

CVE-2014-5030

Medium priority
Fixed

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.

1 affected package

cups

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups
Show less packages

CVE-2014-5029

Medium priority
Fixed

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of...

1 affected package

cups

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups
Show less packages

CVE-2014-3537

Medium priority
Fixed

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

1 affected package

cups

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups
Show less packages

CVE-2014-4338

Low priority
Fixed

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as...

1 affected package

cups-filters

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups-filters
Show less packages

CVE-2014-4337

Medium priority
Fixed

The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.

1 affected package

cups-filters

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups-filters
Show less packages

CVE-2014-4336

Medium priority
Fixed

The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability...

1 affected package

cups-filters

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cups-filters
Show less packages