2370 matches found
Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1364)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1364 advisory. Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...
MiracleLinux 7 : OpenEXR-1.7.1-8.el7 (AXSA:2020-656:02)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-656:02 advisory. OpenEXR: out-of-bounds read during Huffman uncompression CVE-2020-11761 OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp...
MiracleLinux 9 : openexr-3.1.1-2.el9.1 (AXSA:2024-9242:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9242:02 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : openexr-3.1.1-2.el9_4.1 (AXSA:2024-8955:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8955:01 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, when using openexrexrcheckfuzzer, Valgrind reported a conditional branch that depends on...
Astra Linux – Vulnerability in ffmpeg
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...
CVE-2025-12495
A flaw was found in OpenEXR, a library for handling High Dynamic Range HDR image files. This heap-based buffer overflow vulnerability allows a remote attacker to execute arbitrary code on a user's system. This occurs when a user is tricked into opening a specially crafted EXR file, exploiting a...
CVE-2025-12839
A flaw was found in OpenEXR. This heap-based buffer overflow vulnerability occurs during the parsing of EXR files due to improper validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious EXR file. Successful...
CVE-2025-12840
A flaw was found in OpenEXR. This heap-based buffer overflow vulnerability occurs during EXR file parsing due to improper validation of user-supplied data length. A remote attacker could exploit this by tricking a user into visiting a malicious page or opening a malicious EXR file. Successful...
EUVD-2025-204962
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
EUVD-2025-204964
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
EUVD-2025-204963
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
Linux Distros Unpatched Vulnerability : CVE-2025-12840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...
Linux Distros Unpatched Vulnerability : CVE-2025-12495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...
Linux Distros Unpatched Vulnerability : CVE-2025-12839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers ...
CVE-2025-12495
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12840
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12839
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12840
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12839
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...