CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0CVE-2019-20840 – Ubuntu Security Notice USN-4434-1
https://notcve.org/view.php?id=CVE-2019-20840
17 Jun 2020 — An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. La biblioteca libvncserver/ws_decode.c puede conllevar a un bloqueo debido a accesos no alineados en la función hybiReadAndDecode Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted s... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 21EXPL: 0CVE-2018-21247 – libvncserver: uninitialized memory contents are vulnerable to Information Leak
https://notcve.org/view.php?id=CVE-2018-21247
17 Jun 2020 — An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. Se presenta una pérdida de memoria en la biblioteca libvncclient/rfbproto.c en la función ConnectToRFBRepeater LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include buffer overflow, denial... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-909: Missing Initialization of Resource •
CVSS: 5.7EPSS: 0%CPEs: 9EXPL: 1CVE-2020-12867 – sane-backends: NULL pointer dereference in sanei_epson_net_read function
https://notcve.org/view.php?id=CVE-2020-12867
01 Jun 2020 — A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. Una desreferencia del puntero NULL en la función sanei_epson_net_read en SANE Backends versiones anteriores a la 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima causar una denegación de servicio, también se conoce como GHSL-2020-075 Kritphong Mongkhonvanit discove... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 1CVE-2020-13614
https://notcve.org/view.php?id=CVE-2020-13614
26 May 2020 — An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. Se detectó un problema en el archivo ssl.c en Axel versiones anteriores a 2.17.8. La implementación TLS carece de verificación del nombre de host. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00006.html • CWE-295: Improper Certificate Validation •
CVSS: 8.2EPSS: 0%CPEs: 9EXPL: 0CVE-2020-13113 – libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free
https://notcve.org/view.php?id=CVE-2020-13113
21 May 2020 — An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. Se descubrió un problema en libexif versiones anteriores a la versión 0.6.22. Un uso de la memoria no inicializada en el manejo de EXIF Makemote podría conllevar a bloqueos y condiciones potenciales de uso de la memoria previamente liberada. It was discovered that libexif incorrectly handled certain inputs. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • CWE-822: Untrusted Pointer Dereference CWE-908: Use of Uninitialized Resource •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-13112 – libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS
https://notcve.org/view.php?id=CVE-2020-13112
21 May 2020 — An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. Se descubrió un problema en libexif versiones anteriores a la versión 0.6.22. Varias lecturas excesivas de buffer en el manejo de EXIF MakerNote podrían conllevar a una divulgación de información y a bloqueos. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-13114 – libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time
https://notcve.org/view.php?id=CVE-2020-13114
21 May 2020 — An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. Se descubrió un problema en el libexif versiones anteriores a la versión 0.6.22. Un tamaño sin restricciones en el manejo de los datos de Canon EXIF MakerNote podría conllevar al consumo de grandes cantidades de tiempo de cálculo para la decodificación de datos EXIF. It was discovered that libexif incorrectly handled c... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0CVE-2020-0093 – libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c
https://notcve.org/view.php?id=CVE-2020-0093
14 May 2020 — In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132 En la función exif_data_save_data_entry del archivo exif-data.c, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Es... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11866
https://notcve.org/view.php?id=CVE-2020-11866
11 May 2020 — libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. libEMF (también se conoce como ECMA-234 Metafile Library) versiones hasta 1.0.11, permite un uso de la memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11865
https://notcve.org/view.php?id=CVE-2020-11865
11 May 2020 — libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. libEMF (también se conoce como ECMA-234 Metafile Library) versiones hasta 1.0.11, permite un acceso a la memoria fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •