Shodan
Vulnerabilities
Vulnerable Software
Canonical:  Security Vulnerabilities
CVE-2020-12863
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-24
CVE-2020-12864
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-24
CVE-2020-12865
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
CVSS Score
8.0
EPSS Score
0.005
Published
2020-06-24
CVE-2020-12866
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
CVSS Score
5.7
EPSS Score
0.002
Published
2020-06-24
CVE-2020-12861
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
CVSS Score
8.8
EPSS Score
0.008
Published
2020-06-24
CVE-2020-15011
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
CVSS Score
4.3
EPSS Score
0.011
Published
2020-06-24
CVE-2020-4030
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
CVSS Score
3.5
EPSS Score
0.0
Published
2020-06-22
CVE-2020-4031
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
CVSS Score
3.5
EPSS Score
0.004
Published
2020-06-22
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
CVSS Score
3.1
EPSS Score
0.005
Published
2020-06-22
CVE-2020-4033
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
CVSS Score
3.1
EPSS Score
0.002
Published
2020-06-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved