
1594 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 1 view

Astra Linux - vulnerability in gimp

GIMP ICO File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a...

CVSS 8.8 | AI score 7.6 | EPSS 0.01642
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in orc

A stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked into processing a specially crafted file with the affected ORC compiler, arbitrary code may be executed in the developer's build environment. This may lead to compromise of...

CVSS 7 | AI score 6.2 | EPSS 0.00061
Exploits: 0 | References: 2

EUVD
added 2026/04/27 11:0 a.m. | 1 view

EUVD-2026-25823

Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate...

CVSS 5.5 | AI score 5.2 | EPSS 0.00015
Exploits: 0 | References: 1

CNNVD
added 2026/04/27 12:0 a.m. | 8 views

Foxit PDF Reader and Foxit PDF Editor security vulnerability

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation in China. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from insufficient parameter validation, which...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/27 12:0 a.m. | 3 views

PT-2026-35399

Name of the Vulnerable Software and Affected Versions: Foxit PDF Editor/Reader (affected versions not specified). Description: Insufficient parameter verification leads to format errors in files, which trigger an unhandled std::invalid_argument exception, resulting in a denial-of-service condition tha...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 6

Rockylinux
added 2026/04/21 12:3 p.m. | 3 views

openexr security update

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. OpenEXR is an open-source high-dynamic-range floating-point image file format...

CVSS 8.4 | AI score 6.3 | EPSS 0.00023
Exploits: 2

AlpineLinux
added 2026/04/21 1:33 a.m. | 4 views

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

CVSS 8.4 | AI score 5.8 | EPSS 0.00033
Exploits: 1 | References: 4

Vulnrichment
added 2026/04/21 1:27 a.m. | 4 views

CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K (High-Throughput JPEG 2000) decompression path. The htundoimp...

CVSS 5.3 | AI score 5.8 | EPSS 0.0008
Exploits: 1 | References: 2

Tenable Nessus
added 2026/04/20 12:0 a.m. | 1 view

RHEL 9 : openexr (RHSA-2026:8871)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8871 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a...

CVSS 8.4 | AI score 6.3 | EPSS 0.00023
Exploits: 2 | References: 4

AlmaLinux
added 2026/04/20 12:0 a.m. | 3 views

Important: OpenEXR security update

OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications. This package contains libraries and sample applications for handling the format. Security Fixes: openexr: OpenEXR: Arbitrary code execution via integer overflow in...

CVSS 8.4 | AI score 6 | EPSS 0.00023
Exploits: 2 | References: 4

OSV
added 2026/04/17 3:19 p.m. | 4 views

JLSEC-2026-138

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

CVSS 7.8 | AI score 7.6 | EPSS 0.0002
Exploits: 1 | References: 3

OSV
added 2026/04/17 3:19 p.m. | 1 view

JLSEC-2026-135

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

CVSS 7.8 | AI score 6.2 | EPSS 0.00045
Exploits: 0 | References: 1

CVE
added 2026/04/15 6:59 p.m. | 13 views

CVE-2026-40918

CVE-2026-40918 (GIMP) : A flaw in the GIMP PVR image loader can cause a denial of service when processing specially crafted, large-dimension PVR files. Root cause: a stack-based buffer overflow and an out-of-bounds read during loading, leading to application crash. Affected: systems that process ...

CVSS 5.5 | AI score 6.1 | EPSS 0.00017
Exploits: 0 | References: 2 | Affected Software: 2

Positive Technologies
added 2026/04/15 12:0 a.m. | 1 view

PT-2026-33167

Name of the Vulnerable Software and Affected Versions: FFmpeg (affected versions not specified). Description: A signed integer overflow exists in the DVD subtitle parser's fragment reassembly bounds checks. A remote attacker can exploit this by providing a specially crafted MPEG-PS/VOB media file...

CVSS 6.5 | AI score 6.1 | EPSS 0.00078
Exploits: 0 | References: 5

CVE
added 2026/04/06 6:59 p.m. | 2 views

CVE-2026-35176

CVE-2026-35176 concerns openFPGALoader (1.1.1 and earlier) with a heap-buffer-overflow in POFParser::parseSection() while parsing crafted .pof files. The issue allows out-of-bounds heap memory access and does not require FPGA hardware to trigger. Impact per data shows high severity in confidentia...

CVSS 7.1 | AI score 5.9 | EPSS 0.0002
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2026/04/06 3:33 p.m. | 12 views

CVE-2026-34589

OpenEXR 3.4.9 fixes CVE-2026-34589 (DWA Lossy Decoder Heap Out-of-Bounds Write). The advisory notes this vulnerability as part of a set addressed in Cary Phillips’ report. Affected component: DWA Lossy Decoder within the OpenEXR 3.4.9 release. Root cause: heap out-of-bounds write in the DWA Lossy...

CVSS 8.4 | AI score 5.9 | EPSS 0.00011
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2026/04/06 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2026-34588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to...

CVSS 8.6 | AI score 5.9 | EPSS 0.00011
Exploits: 1 | References: 3

Tenable Nessus
added 2026/04/06 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-34379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to...

CVSS 7.1 | AI score 5.7 | EPSS 0.0009
Exploits: 1 | References: 3

Tenable Nessus
added 2026/04/03 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2026-34544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version...

CVSS 8.4 | AI score 5.8 | EPSS 0.00007
Exploits: 1 | References: 4

SUSE CVE
added 2026/04/02 11:26 p.m. | 3 views

SUSE CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVSS 5.3 | AI score 5.7 | EPSS 0.00007
Exploits: 1 | References: 3