CVE-2020-11538
- EPSS 2.51%
- Veröffentlicht 25.06.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:58:06
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
CVE-2020-5963
- EPSS 0.47%
- Veröffentlicht 25.06.2020 00:15:10
- Zuletzt bearbeitet 21.11.2024 05:34:54
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.
CVE-2020-12862
- EPSS 1.08%
- Veröffentlicht 24.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:26
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
CVE-2020-12863
- EPSS 1.01%
- Veröffentlicht 24.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:26
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
CVE-2020-12864
- EPSS 1.2%
- Veröffentlicht 24.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:26
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
- EPSS 1.46%
- Veröffentlicht 24.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:26
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
CVE-2020-12866
- EPSS 1.04%
- Veröffentlicht 24.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:00:26
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
CVE-2020-12861
- EPSS 3.04%
- Veröffentlicht 24.06.2020 13:15:10
- Zuletzt bearbeitet 21.11.2024 05:00:26
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
CVE-2020-15011
- EPSS 1.89%
- Veröffentlicht 24.06.2020 12:15:10
- Zuletzt bearbeitet 21.11.2024 05:04:37
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
CVE-2020-4030
- EPSS 1.85%
- Veröffentlicht 22.06.2020 22:15:13
- Zuletzt bearbeitet 21.11.2024 05:32:11
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.