VYPR

Vendor CVEs

Linux Foundation

All CVEs

67 total · sorted by risk
  • CVE-2022-24595Mar 18, 2022
    risk 0.00cvss epss 0.02

    Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP (or WebSocket) request to the socket listened by the…

  • CVE-2020-9301Dec 11, 2020
    risk 0.00cvss epss 0.01

    Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an attacker to read and write arbitrary files within…

  • CVE-2018-20731Jan 17, 2019
    risk 0.00cvss epss 0.01

    A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php.

  • CVE-2018-20729Jan 17, 2019
    risk 0.00cvss epss 0.01

    A reflected cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via the reg parameter in mh.php.

  • CVE-2018-20730Jan 17, 2019
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component.

  • CVE-2018-20728Jan 17, 2019
    risk 0.00cvss epss 0.01

    A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php.

  • CVE-2015-2265Mar 24, 2015
    risk 0.00cvss epss 0.03

    The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2014-4338Jun 22, 2014
    risk 0.00cvss epss 0.03

    cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.

  • CVE-2014-4337Jun 22, 2014
    risk 0.00cvss epss 0.03

    The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.

  • CVE-2014-4336Jun 22, 2014
    risk 0.00cvss epss 0.01

    The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2014-2707Apr 17, 2014
    risk 0.00cvss epss 0.01

    cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."

  • CVE-2013-6476Mar 14, 2014
    risk 0.00cvss epss 0.00

    The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.

  • CVE-2013-6475Mar 14, 2014
    risk 0.00cvss epss 0.03

    Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

  • CVE-2013-6474Mar 14, 2014
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2013-6473Mar 14, 2014
    risk 0.00cvss epss 0.03

    Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

  • CVE-2011-2964Jul 29, 2011
    risk 0.00cvss epss 0.05

    foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

  • CVE-2004-0801Sep 16, 2004
    risk 0.00cvss epss 0.04

    Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.

Page 2 of 2