9 matches found
CVE-2020-12867
CVE-2020-12867 involves a NULL pointer dereference in sanei_epson_net_read within SANE backends prior to 1.0.30. A malicious device on the same local network could trigger a denial of service. The connected Debian/AlmaLinux advisories and Fedora/Alpine notes indicate the issue affects sane-backen...
CVE-2020-12861
CVE-2020-12861 involves a heap buffer overflow in sane-backends before 1.0.30, via epsonds_net_read in epsonds-net.c; CVE-2020-12865 is a heap overflow in esci2_img. Connected advisories confirm these issues in sane-backends and indicate fixes in later releases (up to at least 1.0.31). Affected p...
CVE-2020-12865
SANE Backends CVE-2020-12865 describes a heap buffer overflow in SANE Backends before 1.0.30 that lets a malicious device on the same local network execute arbitrary code. Affected component: sane-backends (likely epsonds/esci2_img related paths) with exploitation possible without user interactio...
CVE-2020-12863
The CVE-2020-12863 issue is an out-of-bounds read in SANE Backends prior to 1.0.30, enabling a local-network attacker connected to the same host to read sensitive data (e.g., ASLR offsets). Multiple connected advisories confirm the same root cause and note fixes in subsequent sane-backends releas...
CVE-2020-12862
CVE-2020-12862 affects the SANE backends project prior to version 1.0.30. The issue is an out-of-bounds read in the SANE backends that may allow a malicious device on the same local network to read memory content, including ASLR offsets, exposing partial confidentiality information. Exploitation ...
CVE-2020-12866
CVE-2020-12866: A NULL pointer dereference in SANE Backends before 1.0.30 can allow a malicious device on the same local network to cause a denial of service. Documented impact is a DoS; root cause is NULL pointer dereference in SANE Backends prior to 1.0.30. Remediation: upgrade to 1.0.30 or lat...
CVE-2020-12864
CVE-2020-12864 affects SANE Backends prior to 1.0.30. The vulnerability is an out-of-bounds read that may allow a malicious device on the same local network to read sensitive information (e.g., ASLR offsets). Public docs converge on 1.0.30 as the fixed point, with later advisories (e.g., 1.0.31) ...
CVE-2023-46047
CVE-2023-46047 : Affects Sane 1.2.1. Local attacker can trigger arbitrary code execution via a crafted file fed to the sanei_configure_attach() function. The vulnerability is disputed due to the expectation that the product should not start with an attacker-controlled configuration file. Connecte...
CVE-2023-46052
Sane 1.2.1 is affected by a CVE-2023-46052 heap bounds overwrite in init_options() via a long init_mode string in a configuration file. The root cause is in backend/test.c. The description is disputed: there is no expectation that test.c runs with an attacker-controlled configuration file. Public...