CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 1CVE-2020-11765
https://notcve.org/view.php?id=CVE-2020-11765
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta un error por un paso en el uso de la función de lectura del archivo ImfXdr.h por DwaCompressor::Classifier::Classifier, conllevando a una lectura fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1987 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3 https:// • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3889
https://notcve.org/view.php?id=CVE-2020-3889
A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to read arbitrary files. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3892
https://notcve.org/view.php?id=CVE-2020-3892
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3904
https://notcve.org/view.php?id=CVE-2020-3904
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordaron múltiples problemas de corrupción de la memoria con una administración de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3851
https://notcve.org/view.php?id=CVE-2020-3851
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema se corrigió en macOS Catalina versión 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina versión 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. • https://support.apple.com/en-us/HT210919 https://support.apple.com/en-us/HT211100 • CWE-416: Use After Free •