Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities by sane-project
CVE-2020-12862 (GCVE-0-2020-12862)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12862",
"datePublished": "2020-06-24T12:52:54.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12863 (GCVE-0-2020-12863)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12863",
"datePublished": "2020-06-24T12:52:51.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12864 (GCVE-0-2020-12864)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12864",
"datePublished": "2020-06-24T12:52:44.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12865 (GCVE-0-2020-12865)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12865",
"datePublished": "2020-06-24T12:52:38.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12866 (GCVE-0-2020-12866)
Vulnerability from cvelistv5 – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12866",
"datePublished": "2020-06-24T12:52:23.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12861 (GCVE-0-2020-12861)
Vulnerability from cvelistv5 – Published: 2020-06-24 00:00 – Updated: 2024-08-04 12:04
VLAI
Summary
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12861",
"datePublished": "2020-06-24T00:00:00.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12862 (GCVE-0-2020-12862)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12862",
"datePublished": "2020-06-24T12:52:54.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12863 (GCVE-0-2020-12863)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12863",
"datePublished": "2020-06-24T12:52:51.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12864 (GCVE-0-2020-12864)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12864",
"datePublished": "2020-06-24T12:52:44.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12865 (GCVE-0-2020-12865)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "[debian-lts-announce] 20200817 [SECURITY] [DLA 2332-1] sane-backends security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "[debian-lts-announce] 20201007 [SECURITY] [DLA 2332-2] sane-backends regression update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12865",
"datePublished": "2020-06-24T12:52:38.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12866 (GCVE-0-2020-12866)
Vulnerability from nvd – Published: 2020-06-24 12:52 – Updated: 2024-08-04 12:11
VLAI
Summary
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://alioth-lists.debian.net/pipermail/sane-an… | x_refsource_CONFIRM |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
| https://usn.ubuntu.com/4470-1/ | vendor-advisoryx_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:18.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-01T12:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html",
"refsource": "CONFIRM",
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12866",
"datePublished": "2020-06-24T12:52:23.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:18.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12861 (GCVE-0-2020-12861)
Vulnerability from nvd – Published: 2020-06-24 00:00 – Updated: 2024-08-04 12:04
VLAI
Summary
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
Date Public
2020-05-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html"
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-075-libsane"
},
{
"name": "USN-4470-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4470-1/"
},
{
"name": "openSUSE-SU-2020:1791",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html"
},
{
"name": "openSUSE-SU-2020:1798",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html"
},
{
"url": "http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12861",
"datePublished": "2020-06-24T00:00:00.000Z",
"dateReserved": "2020-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}