CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2020-10177 – python-pillow: multiple out-of-bounds reads in libImaging/FliDecode.c
https://notcve.org/view.php?id=CVE-2020-10177
25 Jun 2020 — Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. Pillow versiones anteriores a 7.1.0, presenta múltiples lecturas fuera de límites en la biblioteca libImaging/FliDecode.c A flaw was found in python-pillow. Multiple out-of-bounds reads occur in libImaging/FliDecode.c. • https://github.com/python-pillow/Pillow/commits/master/src/libImaging • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0CVE-2020-11538 – python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2
https://notcve.org/view.php?id=CVE-2020-11538
25 Jun 2020 — In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. En la biblioteca libImaging/SgiRleDecode.c en Pillow versiones hasta 7.0.0, se presentan múltiples lecturas fuera de límites en el análisis de archivos de imagen SGI, un problema diferente de CVE-2020-5311 An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to... • https://github.com/python-pillow/Pillow/pull/4504 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10378 – python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files
https://notcve.org/view.php?id=CVE-2020-10378
25 Jun 2020 — In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. En la biblioteca libImaging/PcxDecode.c en Pillow versiones anteriores a 7.1.0, puede ocurrir una lectura fuera de límites cuando se leen archivos PCX donde state->shuffle es instruido para que lea más allá de state->buffer A flaw was found in python-pillow. In libImaging/PcxDecode.c, an out-of-bounds read occurs when reading PCX file... • https://github.com/python-pillow/Pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7#diff-9478f2787e3ae9668a15123b165c23ac • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2020-5963
https://notcve.org/view.php?id=CVE-2020-5963
25 Jun 2020 — NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. NVIDIA Windows GPU Display Driver, todas las versiones, contiene una vulnerabilidad en las API Inter Process Communication, en el que el control de acceso inapropiado puede conllevar a una ejecución del código, denegación de servicio o divulgación de información • https://nvidia.custhelp.com/app/answers/detail/a_id/5031 •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2020-12862
https://notcve.org/view.php?id=CVE-2020-12862
24 Jun 2020 — An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. Una lectura fuera de límites en SANE Backends versiones anteriores a 1.0.30, puede permitir a un dispositivo malicioso conectado a la misma red local que la víctima leer información importante, tales como las compensaciones ASLR del programa, también se conoce como GHSL-2020-082 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2020-12863
https://notcve.org/view.php?id=CVE-2020-12863
24 Jun 2020 — An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. Una lectura fuera de límites en SANE Backends versiones anteriores a 1.0.30, puede permitir a un dispositivo malicioso conectado a la misma red local que la víctima leer información importante, tales como las compensaciones ASLR del programa, también se conoce como GHSL-2020-083 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2020-12864
https://notcve.org/view.php?id=CVE-2020-12864
24 Jun 2020 — An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. Una lectura fuera de límites en SANE Backends versiones anteriores a 1.0.30, puede permitir a un dispositivo malicioso conectado a la misma red local que la víctima leer información importante, tales como las compensaciones ASLR del programa, también se conoce como GHSL-2020-081 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-125: Out-of-bounds Read •
CVSS: 8.0EPSS: 0%CPEs: 7EXPL: 1CVE-2020-12865 – sane-backends: Heap buffer overflow in esci2_img
https://notcve.org/view.php?id=CVE-2020-12865
24 Jun 2020 — A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. Un desbordamiento del búfer de la pila en SANE Backends versiones anteriores a 1.0.30, puede permitir a un dispositivo malicioso conectado a la misma red local que la víctima ejecutar código arbitrario, también se conoce como GHSL-2020-084 A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in the ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 1CVE-2020-12866
https://notcve.org/view.php?id=CVE-2020-12866
24 Jun 2020 — A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. Una desreferencia de puntero NULL en SANE Backends versiones anteriores a 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima causar una denegación de servicio, GHSL-2020-079 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-12861 – sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c
https://notcve.org/view.php?id=CVE-2020-12861
24 Jun 2020 — A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. Un desbordamiento del búfer de la pila en SANE Backends versiones anteriores a 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima ejecutar código arbitrario, también se conoce como GHSL-2020-080 A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsonds_net_re... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •