rpm package
suse/sane-backends&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/sane-backends&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12866 | Med | 5.7 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | |
| CVE-2020-12865 | Hig | 8.0 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | |
| CVE-2020-12864 | Med | 4.3 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. | |
| CVE-2020-12863 | Med | 4.3 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | |
| CVE-2020-12862 | Med | 4.3 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. | |
| CVE-2020-12861 | Hig | 8.8 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 24, 2020 | A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. | |
| CVE-2020-12867 | Med | 5.5 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Jun 1, 2020 | A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. | |
| CVE-2017-6318 | Hig | 7.5 | < 1.0.31-4.3.1 | 1.0.31-4.3.1 | Mar 20, 2017 | saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. |
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
- affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.