Lucene search

2370 matches found

Snyk
added 2025/12/23 9:41 p.m., 1 view

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of EXR files due to improper validation of user-supplied data length. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted malicious EXR...

8.5 CVSS, 8.1 AI score, 0.00158 EPSS
Exploits: 0, References: 2

Debian CVE
added 2025/12/23 9:41 p.m., 4 views

CVE-2025-12839

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 7.8 AI score, 0.00158 EPSS
Exploits: 0

AlpineLinux
added 2025/12/23 9:41 p.m., 6 views

CVE-2025-12839

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 7.8 AI score, 0.00158 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/12/23 9:41 p.m., 23 views

CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 0.00158 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/12/23 9:41 p.m., 1 view

CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 7.2 AI score, 0.00158 EPSS
Exploits: 0, References: 1

CVE
added 2025/12/23 9:41 p.m., 13 views

CVE-2025-12495

CVE-2025-12495 is an OpenEXR heap-based buffer overflow in EXR file parsing that can lead to remote code execution. The exploitation described requires user interaction (visiting a malicious page or opening a malicious file). The connected advisories show affected packages in Fedora (mingw-openexr and open...

7.8 CVSS, 7.7 AI score, 0.00158 EPSS
Exploits: 0, References: 1, Affected Software: 1

vulnersOsv
added 2025/12/23 9:41 p.m., 4 views

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-12495 via openexr (=3.4.12)

openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

7.8 CVSS, 7.1 AI score, 0.00158 EPSS
Exploits: 0

Snyk
added 2025/12/23 9:41 p.m., 4 views

Heap-based Buffer Overflow

Overview: OpenEXR is a set of Python bindings for the OpenEXR image file format. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits...

7.8 CVSS, 8.2 AI score, 0.00158 EPSS
Exploits: 0, References: 2

Snyk
added 2025/12/23 9:41 p.m., 1 view

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via genericunpack. An attacker can achieve arbitrary code execution by tricking a user into opening a specially crafted EXR file that exploits improper validation of user-supplied data, leading to a heap-based...

7.8 CVSS, 8.3 AI score, 0.00158 EPSS
Exploits: 0, References: 2

Debian CVE
added 2025/12/23 9:41 p.m., 2 views

CVE-2025-12495

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 7.8 AI score, 0.00158 EPSS
Exploits: 0

AlpineLinux
added 2025/12/23 9:41 p.m., 4 views

CVE-2025-12495

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...

7.8 CVSS, 7.8 AI score, 0.00158 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/12/23 12:00 a.m., 3 views

Academy Software Foundation OpenEXR Security Vulnerability

Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...

7.8 CVSS, 8 AI score, 0.00158 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/12/23 12:00 a.m., 3 views

Academy Software Foundation OpenEXR Security Vulnerability

Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...

7.8 CVSS, 8 AI score, 0.00158 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/12/23 12:00 a.m., 4 views

Academy Software Foundation OpenEXR Security Vulnerability

Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...

7.8 CVSS, 8 AI score, 0.00158 EPSS
Exploits: 0, References: 1

OpenVAS
added 2025/12/16 12:00 a.m., 3 views

SUSE: Security Advisory (SUSE-SU-2025:21189-1)

The remote host is missing an update for the...

7.8 CVSS, 7.2 AI score, 0.00158 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2025/12/13 12:00 a.m., 5 views

openSUSE 16 Security Update : openexr (openSUSE-SU-2025-20148-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20148-1 advisory. Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 -...

7.8 CVSS, 7.6 AI score, 0.00158 EPSS
Exploits: 0, References: 9

OSV
added 2025/12/09 4:32 p.m., 4 views

OPENSUSE-SU-2025:20148-1 Security update for openexr

This update for openexr fixes the following issues: Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 - CVE-2025-12839: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253715...

7.8 CVSS, 5.9 AI score, 0.00158 EPSS
Exploits: 0, References: 6

OSV
added 2025/12/09 4:32 p.m., 2 views

SUSE-SU-2025:21189-1 Security update for openexr

This update for openexr fixes the following issues: Changes in openexr: - CVE-2025-12495: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253714 - CVE-2025-12839: Fixed a file parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1253715...

7.8 CVSS, 7.2 AI score, 0.00158 EPSS
Exploits: 0, References: 7

OSV
added 2025/11/28 12:51 p.m., 3 views

OESA-2025-2740 OpenEXR security update

OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

7.5 CVSS, 6.7 AI score, 0.00339 EPSS
Exploits: 1, References: 2

OpenVAS
added 2025/11/28 12:00 a.m., 2 views

SUSE: Security Advisory (SUSE-SU-2025:21014-1)

The remote host is missing an update for the...

7.5 CVSS, 7.2 AI score, 0.00339 EPSS
Exploits: 1, References: 4