CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 1CVE-2019-6203
https://notcve.org/view.php?id=CVE-2019-6203
17 Apr 2020 — A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. Se abordó un problema lógico con una administración de estado mejorada. Este problema está corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2. • https://github.com/qingxp9/CVE-2019-6203-PoC •
CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 1CVE-2020-11758 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11758
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites en el archivo ImfOptimizedPixelReading.h. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11760 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11760
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante una descompresión RLE en la función rleUncompress en el archivo ImfRle.cpp. Multiple security issues were found in the OpenEXR image library, which could result in denial of service and potentially the execution of arbitrary code when processing malformed EXR im... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1CVE-2020-11761 – OpenEXR: out-of-bounds read during Huffman uncompression
https://notcve.org/view.php?id=CVE-2020-11761
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante la descompresión de Huffman, como es demostrado por la función FastHufDecoder::refill en el archivo ImfFastHuf.cpp. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11762 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11762
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura y escritura fuera de límites en la función DwaCompressor::uncompress en el archivo ImfDwaCompressor.cpp cuando se maneja el caso de compresión DESCONOCIDO. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR i... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3889
https://notcve.org/view.php?id=CVE-2020-3889
01 Apr 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to read arbitrary files. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3881 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3881
25 Mar 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to view sensitive user information. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-3883 – Apple Security Advisory 2020-03-24-4
https://notcve.org/view.php?id=CVE-2020-3883
25 Mar 2020 — This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to use arbitrary entitlements. Este problema se abordó con comprobaciones mejoradas. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2. • https://support.apple.com/HT211100 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3884 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3884
25 Mar 2020 — An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution. Se abordó un problema de inyección con una comprobación mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3892 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3892
25 Mar 2020 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •