Vulnerabilities > Linuxfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-18 | CVE-2019-1010249 | Integer Overflow or Wraparound vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. | 5.5 |
| 2018-12-31 | CVE-2018-6336 | 7PK - Security Features vulnerability in Linuxfoundation Osquery An issue was discovered in osquery. | 6.8 |
| 2018-04-27 | CVE-2015-1857 | Information Exposure vulnerability in Linuxfoundation Opendaylight The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions. | 5.0 |
| 2017-12-15 | CVE-2017-17697 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping. | 5.0 |
| 2014-06-22 | CVE-2014-4338 | Permissions, Privileges, and Access Controls vulnerability in Linuxfoundation Cups-Filters cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses. | 4.0 |
| 2014-06-22 | CVE-2014-4337 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linuxfoundation Cups-Filters The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data. | 4.3 |
| 2014-06-22 | CVE-2014-4336 | Command Injection vulnerability in Linuxfoundation Cups-Filters The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. | 5.8 |
| 2014-03-14 | CVE-2013-6476 | Permissions, Privileges, and Access Controls vulnerability in multiple products The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file. | 4.4 |
| 2014-03-14 | CVE-2013-6475 | Numeric Errors vulnerability in multiple products Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow. | 6.8 |
| 2014-03-14 | CVE-2013-6474 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file. | 6.8 |