CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11764 – OpenEXR: out-of-bounds write in copyIntoFrameBuffer function in ImfMisc.cpp
https://notcve.org/view.php?id=CVE-2020-11764
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una escritura fuera de límites en la función copyIntoFrameBuffer en el archivo ImfMisc.cpp. OpenEXR is a high dynamic-range image file format developed by Industrial Light & Magic for use in computer imaging applications. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 1CVE-2020-11765 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11765
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta un error por un paso en el uso de la función de lectura del archivo ImfXdr.h por DwaCompressor::Classifier::Classifier, conllevando a una lectura fuera de límites. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR i... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3889
https://notcve.org/view.php?id=CVE-2020-3889
01 Apr 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to read arbitrary files. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3904 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3904
25 Mar 2020 — Multiple memory corruption issues were addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordaron múltiples problemas de corrupción de la memoria con una administración de estado mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9769 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-9769
25 Mar 2020 — Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim. Se abordaron varios problemas mediante la actualización a la versión 8.1.1850. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-3914 – Apple Security Advisory 2020-03-24-4
https://notcve.org/view.php?id=CVE-2020-3914
25 Mar 2020 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to read restricted memory. Se abordó un problema de inicialización de memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2. • https://support.apple.com/HT211100 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3851 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3851
25 Mar 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema se corrigió en macOS Catalina versión 10.15... • https://support.apple.com/en-us/HT210919 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3907 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3907
25 Mar 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3903 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3903
25 Mar 2020 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.4. An application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorado. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3884 – Apple Security Advisory 2020-03-24-2
https://notcve.org/view.php?id=CVE-2020-3884
25 Mar 2020 — An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution. Se abordó un problema de inyección con una comprobación mejorada. Este problema es corregido en macOS Catalina versión 10.15.4. • https://support.apple.com/HT211100 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •