CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2022/12/22 10:15 p.m.•13 views

CVE-2022-43600

Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability...

8.1CVSS0.0471EPSS

5.9CVSS7.3AI score0.00723EPSS

DEBIAN-CVE-2022-43603

A denial of service vulnerability exists in the ZfileOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability...

5.9CVSS7.2AI score0.00459EPSS

DEBIAN-CVE-2022-43593

A denial of service vulnerability exists in the DPXOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability...

5.9CVSS7.3AI score0.00643EPSS

DEBIAN-CVE-2022-43596

An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability...

OSV•added 2022/12/22 10:15 p.m.•22 views

CVE-2022-43601

8.1CVSS8.4AI score

OSV•added 2022/12/22 10:15 p.m.•22 views

CVE-2022-41999

7.5CVSS7.3AI score

NVD•added 2022/12/22 10:15 p.m.•23 views

CVE-2022-41988

An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS0.0052EPSS

NVD•added 2022/12/22 10:15 p.m.•18 views

CVE-2022-41981

A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger...

8.1CVSS0.01627EPSS

NVD•added 2022/12/22 10:15 p.m.•22 views

CVE-2022-41838

A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS0.05976EPSS

OSV•added 2022/12/22 10:15 p.m.•17 views

CVE-2022-41838

9.8CVSS9.6AI score

OSV•added 2022/12/22 10:15 p.m.•17 views

CVE-2022-41988

7.5CVSS7.1AI score

9.8CVSS9.2AI score0.05976EPSS

DEBIAN-CVE-2022-41838

NVD•added 2022/12/22 10:15 p.m.•14 views

CVE-2022-41977

An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.3CVSS0.0021EPSS

9.8CVSS8.6AI score0.00346EPSS

DEBIAN-CVE-2022-41837

An out-of-bounds write vulnerability exists in the OpenImageIO::addexifitemtospec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted exif metadata can lead to stack-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS9.2AI score0.01118EPSS

DEBIAN-CVE-2022-41794

A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...