Vulnerabilities > Sane Project

DATE CVE VULNERABILITY TITLE RISK
2020-06-24 CVE-2020-12866 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
5.7
2020-06-24 CVE-2020-12865 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
8.0
2020-06-24 CVE-2020-12864 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
3.3
2020-06-24 CVE-2020-12863 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
4.3
2020-06-24 CVE-2020-12862 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
4.3
2020-06-24 CVE-2020-12861 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
8.8
2020-06-01 CVE-2020-12867 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
5.5