2370 matches found
OpenEXR < 3.4.3 -- multiple vulnerabilities
Cary Phillips reports: Patch release that addresses several bugs, primarily involving properly rejecting corrupt input data. He goes on to report various relevant items including heap buffer overflows, use-after-free, use of uninitialized memory and other bugs, several of them found by OSS-fuzz,...
OpenJPH < 0.24.5 -- multiple vulnerabilities
Aous Naman reports several vulnerabilities fixed in OpenJPH versions up to 0.24.5 and credits Cary Phillips for reporting them from the OSS-fuzz project. 0.24.5 Addresses OpenEXR OSS-fuzz issue 5747129672073216 that can cause heap corruption. 0.24.4... we now check that the ATK marker segment...
OpenEXR has an unspecified vulnerability (CNVD-2025-24791)
OpenEXR is an open standard for high dynamic range (HDR) image file formats. A security vulnerability exists in OpenEXR that can be exploited by attackers to cause a buffer overflow...
OpenEXR has an unspecified vulnerability (CNVD-2025-24790)
OpenEXR is an open standard for high dynamic range (HDR) image file formats. A security vulnerability exists in versions prior to OpenEXR 8.0, which can be exploited by an attacker to cause heap memory corruption...
OpenEXR has an unspecified vulnerability (CNVD-2025-24792)
OpenEXR is an open standard for high dynamic range (HDR) image file formats. A security vulnerability exists in versions prior to OpenEXR 8.0, which can be exploited by an attacker to cause an out-of-bounds write...
Linux Distros Unpatched Vulnerability : CVE-2025-59732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or...
Linux Distros Unpatched Vulnerability : CVE-2025-59731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate...
Linux Distros Unpatched Vulnerability : CVE-2025-59733
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and...
EUVD-2021-10279
Malware in sbrugna...
EUVD-2021-26798
Malware in sbrugna...
EUVD-2021-26796
Malware in sbrugna...
EUVD-2021-26797
Malware in sbrugna...
EUVD-2021-26801
Malware in sbrugna...
EUVD-2021-26800
Malware in sbrugna...
EUVD-2021-26799
Malware in sbrugna...
EUVD-2020-4100
Malware in sbrugna...
EUVD-2020-4102
Malware in sbrugna...
EUVD-2020-8549
Malware in sbrugna...
EUVD-2020-8548
Malware in sbrugna...
EUVD-2020-7303
Malware in sbrugna...