Vulnerabilities > Cups > Cups > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-10 | CVE-2018-6553 | The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. | 4.6 |
| 2018-01-12 | CVE-2014-8166 | Improper Input Validation vulnerability in Cups The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name. | 5.1 |
| 2015-06-26 | CVE-2015-1159 | Cross-site Scripting vulnerability in Cups Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. | 4.3 |
| 2008-04-10 | CVE-2008-1722 | Improper Input Validation vulnerability in Cups 1.3 Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. | 4.3 |
| 2007-03-13 | CVE-2007-0720 | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | 5.0 |