VYPR

rpm package

suse/sane-backends&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

pkg:rpm/suse/sane-backends&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Vulnerabilities (8)

  • CVE-2020-12866MedJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.

  • CVE-2020-12865HigJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.

  • CVE-2020-12864MedJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.

  • CVE-2020-12863MedJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.

  • CVE-2020-12862MedJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.

  • CVE-2020-12861HigJun 24, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.

  • CVE-2020-12867MedJun 1, 2020
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.

  • CVE-2017-6318HigMar 20, 2017
    affected < 1.0.31-4.3.1fixed 1.0.31-4.3.1

    saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.