Page 58 of 937 results (0.017 seconds)

CVSS: 5.7EPSS: 0%CPEs: 9EXPL: 1

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. Una desreferencia del puntero NULL en la función sanei_epson_net_read en SANE Backends versiones anteriores a la 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima causar una denegación de servicio, también se conoce como GHSL-2020-075 • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html https://l • CWE-476: NULL Pointer Dereference •

CVSS: 3.2EPSS: 0%CPEs: 8EXPL: 0

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. En QEMU versión 5.0.0 y versiones anteriores, la función megasas_lookup_frame en el archivo hw/scsi/megasas.c presenta una lectura fuera de límites mediante el campo reply_queue_head desde un usuario invitado del Sistema Operativo. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html http://www.openwall.com/lists/oss-security/2020/05/28/2 https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03131.html https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg06250.html https://security-tracker.debian.org/tracker/CVE-2020-13362 https://security • CWE-125: Out-of-bounds Read •

CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0

In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. En QEMU versión 5.0.0 y versiones anteriores, la función es1370_transfer_audio en el archivo hw/audio/es1370.c no comprueba apropiadamente el conteo de tramas, lo que permite a usuarios invitados del Sistema Operativo desencadenar un acceso fuera de límites durante una operación es1370_write(). • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html http://www.openwall.com/lists/oss-security/2020/05/28/1 https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03983.html https://security-tracker.debian.org/tracker/CVE-2020-13361 https://security.gentoo.org/glsa/202011-09 https://security.netapp.com/advisory/ntap-202 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 2

In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host. En GNOME glib-networking versiones hasta 2.64.2, la implementación de GTlsClientConnection omite la verificación del nombre de host del certificado TLS del servidor si la aplicación presenta un fallo al especificar la identidad esperada del servidor. Esto está en contraste con su comportamiento documentado previsto, en el fallo de la verificación del certificado. • https://gitlab.gnome.org/GNOME/balsa/-/issues/34 https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLEX2IP62SU6WJ4SK3U766XGLQK3J62O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LRCUM22YEWWKNMN2BP5LTVDM5P4VWIXS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQEQJQ4XFMFCFJTEXKL2ZO3UELBPCKSK https://security.gentoo.org/glsa/202007-50 htt • CWE-295: Improper Certificate Validation •

CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. El archivo ext/fts3/fts3.c en SQLite versiones anteriores a la versión 3.32.0, tiene un uso de la memoria previamente liberada en la función fts3EvalNextRow, relacionado con la funcionalidad snippet. A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the application or potentially execute arbitrary code. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXY • CWE-416: Use After Free •