Vulnerabilities > Sane Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-24 | CVE-2020-12866 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | 5.7 |
2020-06-24 | CVE-2020-12865 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | 8.0 |
2020-06-24 | CVE-2020-12864 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. | 3.3 |
2020-06-24 | CVE-2020-12863 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | 4.3 |
2020-06-24 | CVE-2020-12862 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. | 4.3 |
2020-06-24 | CVE-2020-12861 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. | 8.8 |
2020-06-01 | CVE-2020-12867 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. | 5.5 |