CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11760 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11760
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante una descompresión RLE en la función rleUncompress en el archivo ImfRle.cpp. Multiple security issues were found in the OpenEXR image library, which could result in denial of service and potentially the execution of arbitrary code when processing malformed EXR im... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1CVE-2020-11761 – OpenEXR: out-of-bounds read during Huffman uncompression
https://notcve.org/view.php?id=CVE-2020-11761
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante la descompresión de Huffman, como es demostrado por la función FastHufDecoder::refill en el archivo ImfFastHuf.cpp. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11762 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11762
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura y escritura fuera de límites en la función DwaCompressor::uncompress en el archivo ImfDwaCompressor.cpp cuando se maneja el caso de compresión DESCONOCIDO. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR i... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3889
https://notcve.org/view.php?id=CVE-2020-3889
01 Apr 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to read arbitrary files. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3884 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3884
25 Mar 2020 — An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution. Se abordó un problema de inyección con una comprobación mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2020-3910 – Apple Security Advisory 2020-03-24-4
https://notcve.org/view.php?id=CVE-2020-3910
25 Mar 2020 — A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. Se abordó un desbordamiento del búfer con una comprobación de tamaño mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2, iTunes para Windows ver... • https://support.apple.com/HT211100 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2020-3911 – Apple Security Advisory 2020-03-24-4
https://notcve.org/view.php?id=CVE-2020-3911
25 Mar 2020 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. Se abordó un desbordamiento del búfer con una comprobación de límites mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2, iTunes para Windows ve... • https://support.apple.com/HT211100 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3906 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3906
25 Mar 2020 — A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement. Se abordó un problema lógico con restricciones mejoradas. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9785 – Apple Security Advisory 2020-03-24-4
https://notcve.org/view.php?id=CVE-2020-9785
25 Mar 2020 — Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordaron múltiples problemas de corrupción de la memoria con una administración de estado mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2. • https://support.apple.com/HT211100 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3905 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3905
25 Mar 2020 — A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •