U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:sane-project:sane_backends:1.0.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 7 matching records.
Displaying matches 1 through 7.
Vuln ID Summary CVSS Severity
CVE-2020-12866

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.

Published: June 24, 2020; 9:15:11 AM -0400
V4.0:(not available)
V3.1: 5.7 MEDIUM
V2.0: 2.7 LOW
CVE-2020-12865

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.

Published: June 24, 2020; 9:15:11 AM -0400
V4.0:(not available)
V3.1: 8.0 HIGH
V2.0: 5.2 MEDIUM
CVE-2020-12864

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.

Published: June 24, 2020; 9:15:11 AM -0400
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0: 3.3 LOW
CVE-2020-12863

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.

Published: June 24, 2020; 9:15:11 AM -0400
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0: 3.3 LOW
CVE-2020-12862

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.

Published: June 24, 2020; 9:15:11 AM -0400
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0: 3.3 LOW
CVE-2020-12861

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.

Published: June 24, 2020; 9:15:10 AM -0400
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0: 7.9 HIGH
CVE-2020-12867

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.

Published: June 01, 2020; 10:15:10 AM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW