CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1CVE-2020-11761 – OpenEXR: out-of-bounds read during Huffman uncompression
https://notcve.org/view.php?id=CVE-2020-11761
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante la descompresión de Huffman, como es demostrado por la función FastHufDecoder::refill en el archivo ImfFastHuf.cpp. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11762 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11762
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura y escritura fuera de límites en la función DwaCompressor::uncompress en el archivo ImfDwaCompressor.cpp cuando se maneja el caso de compresión DESCONOCIDO. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR i... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11763 – OpenEXR: std:: vector out-of-bounds read and write in ImfTileOffsets.cpp
https://notcve.org/view.php?id=CVE-2020-11763
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura y escritura fuera de límites en la función std::vector, como es demostrado por el archivo ImfTileOffsets.cpp. OpenEXR is a high dynamic-range image file format developed by Industrial Light & Magic for use in computer imaging applications. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 1CVE-2020-11764 – OpenEXR: out-of-bounds write in copyIntoFrameBuffer function in ImfMisc.cpp
https://notcve.org/view.php?id=CVE-2020-11764
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una escritura fuera de límites en la función copyIntoFrameBuffer en el archivo ImfMisc.cpp. OpenEXR is a high dynamic-range image file format developed by Industrial Light & Magic for use in computer imaging applications. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 1CVE-2020-11765 – Debian Security Advisory 4755-1
https://notcve.org/view.php?id=CVE-2020-11765
14 Apr 2020 — An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta un error por un paso en el uso de la función de lectura del archivo ImfXdr.h por DwaCompressor::Classifier::Classifier, conllevando a una lectura fuera de límites. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR i... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2020-3885 – webkitgtk: Incorrect processing of file URLs
https://notcve.org/view.php?id=CVE-2020-3885
25 Mar 2020 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. Se abordó un problema lógico con restricciones mejoradas. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, Safari versión 13.1, iTunes para Windows versión 12.10.5, iCloud para Windows versión 10.9.3, iCloud para Windows v... • https://support.apple.com/HT211101 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9783 – Apple Security Advisory 2020-03-25-2
https://notcve.org/view.php?id=CVE-2020-9783
25 Mar 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution. Se abordó un problema de uso de la memoria previamente liberada con una administración de memoria mejorada . Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, Safari versión 13.1,... • https://support.apple.com/HT211101 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2020-3887 – Apple Security Advisory 2020-03-25-2
https://notcve.org/view.php?id=CVE-2020-3887
25 Mar 2020 — A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. Se abordó un problema lógico con restricciones mejoradas. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, Safari versión 13.1, iTunes para Windows versión 12.10.5, iCloud para Windows versión 10.9.3, iCloud para... • https://support.apple.com/HT211101 •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-3895 – webkitgtk: Memory corruption triggered by a malicious web content
https://notcve.org/view.php?id=CVE-2020-3895
25 Mar 2020 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, watchOS versión 6... • https://support.apple.com/HT211101 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 8EXPL: 0CVE-2020-3899 – webkitgtk: Memory consumption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2020-3899
25 Mar 2020 — A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. Se abordó un problema de consumo de memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, watchOS versión 6.2 Safari versión 13.... • https://support.apple.com/HT211101 •