Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c via a long init_mode string in a configuration file. NOTE:

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the sanei_configure_attach() functi

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the vic

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the vict

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victi

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victi

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victi

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same

saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION