Lucene search
K

2370 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1364)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1364 advisory. Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

7.8CVSS6.3AI score0.00158EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : OpenEXR-1.7.1-8.el7 (AXSA:2020-656:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-656:02 advisory. OpenEXR: out-of-bounds read during Huffman uncompression CVE-2020-11761 OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp...

5.5CVSS8.1AI score0.01793EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : openexr-3.1.1-2.el9.1 (AXSA:2024-9242:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9242:02 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

9.1CVSS5.6AI score0.01258EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : openexr-3.1.1-2.el9_4.1 (AXSA:2024-8955:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8955:01 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

9.1CVSS5.6AI score0.01258EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, when using openexrexrcheckfuzzer, Valgrind reported a conditional branch that depends on...

7.5CVSS7.1AI score0.00339EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in ffmpeg

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS6AI score0.00158EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/24 12:2 p.m.2 views

CVE-2025-12495

A flaw was found in OpenEXR, a library for handling High Dynamic Range HDR image files. This heap-based buffer overflow vulnerability allows a remote attacker to execute arbitrary code on a user's system. This occurs when a user is tricked into opening a specially crafted EXR file, exploiting a...

7.8CVSS7.7AI score0.00158EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/24 12:2 p.m.3 views

CVE-2025-12839

A flaw was found in OpenEXR. This heap-based buffer overflow vulnerability occurs during the parsing of EXR files due to improper validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious EXR file. Successful...

7.8CVSS7.7AI score0.00158EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/24 12:2 p.m.4 views

CVE-2025-12840

A flaw was found in OpenEXR. This heap-based buffer overflow vulnerability occurs during EXR file parsing due to improper validation of user-supplied data length. A remote attacker could exploit this by tricking a user into visiting a malicious page or opening a malicious EXR file. Successful...

7.8CVSS7.2AI score0.00158EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/24 12:30 a.m.3 views

EUVD-2025-204962

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS7.1AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/24 12:30 a.m.3 views

EUVD-2025-204964

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS7.1AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/24 12:30 a.m.3 views

EUVD-2025-204963

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS7.1AI score0.00158EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-12840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...

7.8CVSS7.9AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-12495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...

7.8CVSS7.8AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-12839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...

7.8CVSS7.8AI score0.00158EPSS
Exploits0References3
NVD
NVD
added 2025/12/23 10:15 p.m.3 views

CVE-2025-12495

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 10:15 p.m.2 views

CVE-2025-12840

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 10:15 p.m.2 views

CVE-2025-12839

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS0.00158EPSS
Exploits0References1
OSV
OSV
added 2025/12/23 10:15 p.m.1 views

CVE-2025-12840

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS7.5AI score
Exploits0References1
OSV
OSV
added 2025/12/23 10:15 p.m.3 views

CVE-2025-12839

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8CVSS7.5AI score
Exploits0References1
Rows per page
Query Builder