Linux Distros Unpatched Vulnerability : CVE-2023-46052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sane 1.2.1 heap bounds overwrite in initoptions from backend/test.c via a long initmode string in a configuration file. NOTE: this is disputed because there is ...

NewStart CGSL MAIN 7.02 : sane-backends Vulnerability (NS-SA-2025-0135)

The remote NewStart CGSL host, running version MAIN 7.02, has sane-backends packages installed that are affected by a vulnerability: - An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because...

SUSE CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

CVE-2023-46052

Sane 1.2.1 heap bounds overwrite in initoptions from backend/test.c via a long initmode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...

CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

CVE-2023-46052

Sane 1.2.1 is affected by a CVE-2023-46052 heap bounds overwrite in init_options() via a long init_mode string in a configuration file. The root cause is in backend/test.c. The description is disputed: there is no expectation that test.c runs with an attacker-controlled configuration file. Public...

CVE-2023-46047

CVE-2023-46047 : Affects Sane 1.2.1. Local attacker can trigger arbitrary code execution via a crafted file fed to the sanei_configure_attach() function. The vulnerability is disputed due to the expectation that the product should not start with an attacker-controlled configuration file. Connecte...