2370 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of EXR files due to improper validation of user-supplied data length. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted malicious EXR...
CVE-2025-12839
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12839
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12495
CVE-2025-12495 is an OpenEXR heap-based buffer overflow in EXR file parsing that can lead to remote code execution. Exploitation described requires user interaction (visit a malicious page or open a malicious file). The connected advisories show affected packages in Fedora (mingw-openexr and open...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-12495 via openexr (=3.4.12)
openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...
Heap-based Buffer Overflow
Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits improper validation of user-supplied data, leading to a heap-based...
CVE-2025-12495
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
CVE-2025-12495
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
Academy Software Foundation OpenEXR 安全漏洞
Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...
Academy Software Foundation OpenEXR 安全漏洞
Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...
Academy Software Foundation OpenEXR 安全漏洞
Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...
SUSE: Security Advisory (SUSE-SU-2025:21189-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 16 Security Update : openexr (openSUSE-SU-2025-20148-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20148-1 advisory. Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 -...
OPENSUSE-SU-2025:20148-1 Security update for openexr
This update for openexr fixes the following issues: Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 - CVE-2025-12839: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253715...
SUSE-SU-2025:21189-1 Security update for openexr
This update for openexr fixes the following issues: Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 - CVE-2025-12839: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253715...
OESA-2025-2740 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...
SUSE: Security Advisory (SUSE-SU-2025:21014-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...