Lucene search
K

2370 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/24 12:0 a.m.4 views

openSUSE 16 Security Update : openexr (openSUSE-SU-2025-20056-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20056-1 advisory. - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233 Tenable has extracted the preceding description block directly...

7.5CVSS7.2AI score0.00339EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/11/21 12:0 a.m.4 views

Security update for openexr (moderate)

openSUSE security update: security update for openexr ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20056-1 Rating: moderate References: bsc1253233 Cross-References: CVE-2025-64181 CVSS scores: CVE-2025-64181 SUSE : 4...

5.1CVSS7.1AI score0.00339EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/20 9:37 p.m.4 views

CVE-2025-64181

A vulnerability has been identified in the genericunpack function of OpenEXR’s file-handling library, where uninitialized memory is read when processing certain malformed EXR files. An attacker who supplies a specially crafted EXR file to a vulnerable application that uses OpenEXR may trigger...

7.5CVSS6.3AI score0.00339EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/11/20 9:37 p.m.6 views

CVE-2025-64182

A memory-safety vulnerability has been identified in the Python bindings of OpenEXR, where improper checks on image channels and attribute stealing operations may result in buffer overflow when processing crafted EXR files or Python objects. An attacker supplying a malicious EXR file or crafted...

7.8CVSS6.8AI score0.0021EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/20 9:37 p.m.3 views

CVE-2025-64183

A use-after-free vulnerability has been identified in the Python bindings of the OpenEXR library, where object ownership is incorrectly transferred when image channel data is accessed from Python. When a Python script retrieves the list of channel names or reads pixel data through the affected...

7.5CVSS6.5AI score0.00266EPSS
Exploits1References5
OSV
OSV
added 2025/11/19 9:46 a.m.1 views

SUSE-SU-2025:21014-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233...

7.5CVSS5.8AI score0.00339EPSS
Exploits1References3
OSV
OSV
added 2025/11/19 9:45 a.m.2 views

OPENSUSE-SU-2025:20056-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233...

7.5CVSS7.1AI score0.00339EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/11/12 12:19 a.m.3 views

SUSE CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

4CVSS6.8AI score0.00339EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/11/12 12:19 a.m.2 views

SUSE CVE-2025-64183

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

6.2CVSS6.9AI score0.00266EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2025/11/12 12:19 a.m.2 views

SUSE CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

7.7CVSS8.1AI score0.0021EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2025/11/11 12:0 a.m.5 views

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00158EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/11/11 12:0 a.m.4 views

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00158EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-64183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2...

7.5CVSS7.1AI score0.00266EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2025/11/11 12:0 a.m.3 views

Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.2AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.3 views

PT-2025-46551

Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files due to insufficient validation of user-supplied data length before copying it to a heap-based buffer. This can allow a...

7.8CVSS7.8AI score0.00158EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.1 views

PT-2025-46552

Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files due to insufficient validation of user-supplied data length before copying it to a heap-based buffer. This can allow a...

7.8CVSS7.2AI score0.00158EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.1 views

PT-2025-46549

Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files, stemming from insufficient validation of user-supplied data length before copying it into a heap-based buffer. This can...

7.8CVSS7.8AI score0.00158EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-64182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2...

7.8CVSS7.8AI score0.0021EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-64181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3...

7.5CVSS7.1AI score0.00339EPSS
Exploits1References4
NVD
NVD
added 2025/11/10 10:15 p.m.2 views

CVE-2025-64183

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

7.5CVSS0.00266EPSS
Exploits1References2
Rows per page
Query Builder