Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for sane_backends by sane-project
CVE-2020-12866 (GCVE-0-2020-12866)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12866",
"datePublished": "2020-06-24T12:52:23.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12865 (GCVE-0-2020-12865)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12865",
"datePublished": "2020-06-24T12:52:38.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12864 (GCVE-0-2020-12864)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12864",
"datePublished": "2020-06-24T12:52:44.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12863 (GCVE-0-2020-12863)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12863",
"datePublished": "2020-06-24T12:52:51.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12862 (GCVE-0-2020-12862)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12862",
"datePublished": "2020-06-24T12:52:54.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12861 (GCVE-0-2020-12861)
Vulnerability from nvd – Published: 2020-06-24 00:00 – Updated: 2024-08-04 12:04
VLAI?
Summary
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12861",
"datePublished": "2020-06-24T00:00:00.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12862 (GCVE-0-2020-12862)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12862",
"datePublished": "2020-06-24T12:52:54.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12863 (GCVE-0-2020-12863)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12863",
"datePublished": "2020-06-24T12:52:51.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12864 (GCVE-0-2020-12864)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12864",
"datePublished": "2020-06-24T12:52:44.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12865 (GCVE-0-2020-12865)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12865",
"datePublished": "2020-06-24T12:52:38.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12866 (GCVE-0-2020-12866)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI?
Summary
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12866",
"datePublished": "2020-06-24T12:52:23.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12861 (GCVE-0-2020-12861)
Vulnerability from cvelistv5 – Published: 2020-06-24 00:00 – Updated: 2024-08-04 12:04
VLAI?
Summary
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12861",
"datePublished": "2020-06-24T00:00:00.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}