| Bug | Description |
|---|
| CVE-2023-34241 | OpenPrinting CUPS is a standards-based, open source printing system fo ... |
| CVE-2023-32360 | An authentication issue was addressed with improved state management. ... |
| CVE-2023-32324 | OpenPrinting CUPS is an open source printing system. In versions 2.4.2 ... |
| CVE-2023-4504 | Due to failure in validating the length provided by an attacker-crafte ... |
| CVE-2022-26691 | A logic issue was addressed with improved state management. This issue ... |
| CVE-2021-25317 | A Incorrect Default Permissions vulnerability in the packaging of cups ... |
| CVE-2020-10001 | An input validation issue was addressed with improved memory handling. ... |
| CVE-2020-3898 | A memory corruption issue was addressed with improved validation. This ... |
| CVE-2019-8842 | A buffer overflow was addressed with improved bounds checking. This is ... |
| CVE-2019-8696 | A buffer overflow issue was addressed with improved memory handling. T ... |
| CVE-2019-8675 | A buffer overflow issue was addressed with improved memory handling. T ... |
| CVE-2019-2228 | In array_find of array.c, there is a possible out-of-bounds read due t ... |
| CVE-2019-2180 | In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possi ... |
| CVE-2018-6553 | The CUPS AppArmor profile incorrectly confined the dnssd backend due t ... |
| CVE-2018-4300 | The session cookie generated by the CUPS web interface was easy to gue ... |
| CVE-2018-4183 | In macOS High Sierra before 10.13.5, an access issue was addressed wit ... |
| CVE-2018-4182 | In macOS High Sierra before 10.13.5, an access issue was addressed wit ... |
| CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This is ... |
| CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This is ... |
| CVE-2017-18248 | The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-B ... |
| CVE-2017-18190 | A localhost.localdomain whitelist entry in valid_host() in scheduler/c ... |
| CVE-2017-15400 | Insufficient restriction of IPP filters in CUPS in Google Chrome OS pr ... |
| CVE-2015-3279 | Integer overflow in filter/texttopdf.c in texttopdf in cups-filters be ... |
| CVE-2015-3258 | Heap-based buffer overflow in the WriteProlog function in filter/textt ... |
| CVE-2015-2305 | Integer overflow in the regcomp implementation in the Henry Spencer BS ... |
| CVE-2015-1159 | Cross-site scripting (XSS) vulnerability in the cgi_puts function in c ... |
| CVE-2015-1158 | The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 ... |
| CVE-2014-9679 | Integer underflow in the cupsRasterReadPixels function in filter/raste ... |
| CVE-2014-5031 | The web interface in CUPS before 2.0 does not check that files have wo ... |
| CVE-2014-5030 | CUPS before 2.0 allows local users to read arbitrary files via a symli ... |
| CVE-2014-5029 | The web interface in CUPS 1.7.4 allows local users in the lp group to ... |
| CVE-2014-3537 | The web interface in CUPS before 1.7.4 allows local users in the lp gr ... |
| CVE-2014-2856 | Cross-site scripting (XSS) vulnerability in scheduler/client.c in Comm ... |
| CVE-2013-6891 | lppasswd in CUPS before 1.7.1, when running with setuid privileges, al ... |
| CVE-2013-6476 | The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pd ... |
| CVE-2013-6475 | Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPS ... |
| CVE-2013-6474 | Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-fi ... |
| CVE-2012-6094 | cups (Common Unix Printing System) 'Listen localhost:631' option not h ... |
| CVE-2012-5519 | CUPS 1.4.4, when running in certain Linux distributions such as Debian ... |
| CVE-2011-3170 | The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earl ... |
| CVE-2011-2896 | The LZW decompressor in the LWZReadByte function in giftoppm.c in the ... |
| CVE-2010-2941 | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate me ... |
| CVE-2010-2432 | The cupsDoAuthentication function in auth.c in the client in CUPS befo ... |
| CVE-2010-2431 | The cupsFileOpen function in CUPS before 1.4.4 allows local users, wit ... |
| CVE-2010-1748 | The cgi_initialize_string function in cgi-bin/var.c in the web interfa ... |
| CVE-2010-0542 | The _WriteProlog function in texttops.c in texttops in the Text Filter ... |
| CVE-2010-0540 | Cross-site request forgery (CSRF) vulnerability in the web interface i ... |
| CVE-2010-0393 | The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1 ... |
| CVE-2010-0302 | Use-after-free vulnerability in the abstract file-descriptor handling ... |
| CVE-2009-3553 | Use-after-free vulnerability in the abstract file-descriptor handling ... |
| CVE-2009-2820 | The web interface in CUPS before 1.4.2, as used on Apple Mac OS X befo ... |
| CVE-2009-2807 | Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS ... |
| CVE-2009-1196 | The directory-services functionality in the scheduler in CUPS 1.1.17 a ... |
| CVE-2009-0949 | The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 do ... |
| CVE-2009-0791 | Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as use ... |
| CVE-2009-0166 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ... |
| CVE-2009-0164 | The web interface for CUPS before 1.3.10 does not validate the HTTP Ho ... |
| CVE-2009-0163 | Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and ... |
| CVE-2009-0147 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ea ... |
| CVE-2009-0146 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and ear ... |
| CVE-2008-5377 | pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files ... |
| CVE-2008-5286 | Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 thro ... |
| CVE-2008-5184 | The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the gues ... |
| CVE-2008-5183 | cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remot ... |
| CVE-2008-3641 | The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3 ... |
| CVE-2008-3640 | Integer overflow in the WriteProlog function in texttops in CUPS befor ... |
| CVE-2008-3639 | Heap-based buffer overflow in the read_rle16 function in imagetops in ... |
| CVE-2008-1722 | Multiple integer overflows in (1) filter/image-png.c and (2) filter/im ... |
| CVE-2008-1374 | Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux ... |
| CVE-2008-1373 | Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remo ... |
| CVE-2008-1033 | The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug ... |
| CVE-2008-0882 | Double free vulnerability in the process_browse_data function in CUPS ... |
| CVE-2008-0597 | Use-after-free vulnerability in CUPS before 1.1.22, and possibly other ... |
| CVE-2008-0596 | Memory leak in CUPS before 1.1.22, and possibly other versions, allows ... |
| CVE-2008-0053 | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS ... |
| CVE-2008-0047 | Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1. ... |
| CVE-2007-6358 | pdftops.pl before 1.20 in alternate pdftops filter allows local users ... |
| CVE-2007-5849 | Integer underflow in the asn1_get_string function in the SNMP back end ... |
| CVE-2007-5848 | Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin u ... |
| CVE-2007-5393 | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in x ... |
| CVE-2007-5392 | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in X ... |
| CVE-2007-4352 | Array index error in the DCTStream::readProgressiveDataUnit method in ... |
| CVE-2007-4351 | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 ... |
| CVE-2007-4045 | The CUPS service, as used in SUSE Linux before 20070720 and other Linu ... |
| CVE-2007-3387 | Integer overflow in the StreamPredictor::StreamPredictor function in x ... |
| CVE-2007-0720 | The CUPS service on multiple platforms allows remote attackers to caus ... |
| CVE-2005-4873 | Multiple stack-based buffer overflows in the phpcups PHP module for CU ... |
| CVE-2005-3628 | Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Strea ... |
| CVE-2005-3627 | Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ... |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTe ... |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpd ... |
| CVE-2005-3193 | Heap-based buffer overflow in the JPXStream::readCodestream function i ... |
| CVE-2005-3192 | Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.0 ... |
| CVE-2005-3191 | Multiple heap-based buffer overflows in the (1) DCTStream::readProgres ... |
| CVE-2005-2874 | The is_path_absolute function in scheduler/client.c for the daemon in ... |
| CVE-2005-2097 | xpdf and kpdf do not properly validate the "loca" table in PDF files, ... |
| CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CV ... |
| CVE-2005-0064 | Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc fo ... |
| CVE-2004-2154 | CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as cas ... |
| CVE-2004-1270 | lppasswd in CUPS 1.1.22, when run in environments that do not ensure t ... |
| CVE-2004-1269 | lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it enco ... |
| CVE-2004-1268 | lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS p ... |
| CVE-2004-1267 | Buffer overflow in the ParseCommand function in hpgl-input.c in the hp ... |
| CVE-2004-1125 | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, ... |
| CVE-2004-0923 | CUPS 1.1.20 and earlier records authentication information for a devic ... |
| CVE-2004-0888 | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages tha ... |
| CVE-2004-0558 | The Internet Printing Protocol (IPP) implementation in CUPS before 1.1 ... |
| CVE-2003-0788 | Unknown vulnerability in the Internet Printing Protocol (IPP) implemen ... |
| CVE-2003-0195 | CUPS before 1.1.19 allows remote attackers to cause a denial of servic ... |
| CVE-2002-1384 | Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, ... |
| CVE-2002-1383 | Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.1 ... |
| CVE-2002-1372 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not prop ... |
| CVE-2002-1371 | filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 throu ... |
| CVE-2002-1369 | jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 doe ... |
| CVE-2002-1368 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ... |
| CVE-2002-1367 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote ... |
| CVE-2002-1366 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local ... |
| CVE-2001-1508 | Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows ... |