Vulnerabilities (CVE)

Filtered by vendor Linuxfoundation Subscribe
Total 269 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17697 1 Linuxfoundation 1 Harbor 2024-11-21 5.0 MEDIUM 8.6 HIGH
The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.
CVE-2016-3697 3 Docker, Linuxfoundation, Opensuse 3 Docker, Runc, Opensuse 2024-11-21 2.1 LOW 7.8 HIGH
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.
CVE-2015-8560 3 Canonical, Debian, Linuxfoundation 4 Ubuntu Linux, Debian Linux, Cups-filters and 1 more 2024-11-21 7.5 HIGH 7.3 HIGH
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
CVE-2015-8327 4 Canonical, Debian, Linuxfoundation and 1 more 9 Ubuntu Linux, Debian Linux, Cups-filters and 6 more 2024-11-21 7.5 HIGH N/A
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
CVE-2015-3279 3 Canonical, Debian, Linuxfoundation 3 Ubuntu Linux, Debian Linux, Cups-filters 2024-11-21 7.5 HIGH N/A
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
CVE-2015-3258 3 Canonical, Debian, Linuxfoundation 3 Ubuntu Linux, Debian Linux, Cups-filters 2024-11-21 7.5 HIGH N/A
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
CVE-2015-2265 2 Canonical, Linuxfoundation 2 Ubuntu Linux, Cups-filters 2024-11-21 7.5 HIGH N/A
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
CVE-2015-1857 1 Linuxfoundation 1 Opendaylight 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions.
CVE-2014-4338 1 Linuxfoundation 1 Cups-filters 2024-11-21 4.0 MEDIUM N/A
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.
CVE-2014-4337 1 Linuxfoundation 1 Cups-filters 2024-11-21 4.3 MEDIUM N/A
The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data.
CVE-2014-4336 1 Linuxfoundation 1 Cups-filters 2024-11-21 5.8 MEDIUM N/A
The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
CVE-2014-2707 1 Linuxfoundation 1 Cups-filters 2024-11-21 8.3 HIGH N/A
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
CVE-2013-6476 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-11-21 4.4 MEDIUM N/A
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
CVE-2013-6475 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-11-21 6.8 MEDIUM N/A
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
CVE-2013-6474 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
CVE-2013-6473 2 Canonical, Linuxfoundation 2 Ubuntu Linux, Cups-filters 2024-11-21 6.8 MEDIUM N/A
Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.
CVE-2011-2964 1 Linuxfoundation 1 Foomatic 2024-11-21 6.8 MEDIUM N/A
foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.
CVE-2011-2924 3 Debian, Fedoraproject, Linuxfoundation 3 Debian Linux, Fedora, Foomatic-filters 2024-11-21 3.3 LOW 5.5 MEDIUM
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
CVE-2011-2923 2 Debian, Linuxfoundation 2 Debian Linux, Foomatic-filters 2024-11-21 3.3 LOW 5.5 MEDIUM
foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
CVE-2010-5325 3 Linuxfoundation, Oracle, Redhat 8 Foomatic-filters, Linux, Enterprise Linux and 5 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.