[SECURITY] Fedora 43 Update: jpegxl-0.11.2-1.fc43

This package contains a reference implementation of JPEG XL encoder and decoder...

[SECURITY] Fedora 44 Update: jpegxl-0.11.2-1.fc44

This package contains a reference implementation of JPEG XL encoder and decoder...

Astra Linux - уязвимость в python3.7, php7.3

The Keccak XKCP SHA-3 reference implementation, prior to the update of fdc6fef, has an integer overflow and resulting buffer overflow issue. This vulnerability allows attackers to execute arbitrary code or compromise the expected cryptographic properties of the algorithm. This issue occurs within...

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

CVE-2026-41142

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...

UBUNTU-CVE-2026-40250

OpenEXR provides the specification and reference implementation of the...

UBUNTU-CVE-2026-39886

OpenEXR provides the specification and reference implementation of the...

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

AppSec-Penetration-Testing-Lab

🔐 AppSec Penetration Testing Lab A hands-on application sec...

[SECURITY] Fedora 43 Update: python-scitokens-1.9.7-1.fc43

SciToken reference implementation library...

Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation

CVE-2025-2884 is regarding a vulnerability in TCG TPM2.0 Reference implementation's CryptHmacSign helper function that is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. CERT/CC created this CVE on their behalf. The documente...

CVE-2025-49133

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds OOB read vulnerability. The...

CPython 安全漏洞

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the default use of user-writable file paths on Windows platforms, which could lead to memory errors or file type misclassification...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service (CVE-2024-45085)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service when a JSF application configured with Sun Reference Implementation 1.2 is deployed. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service (CVE-2024-45085)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service when a JSF application configured with Sun Reference Implementation 1.2 is deployed. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM WebSphere Application Server is vulnerable to a denial of service (CVE-2024-45085)

Summary IBM WebSphere Application Server is vulnerable to a denial of service when a JSF application configured with Sun Reference Implementation 1.2 is deployed. Vulnerability Details CVEID:CVE-2024-45085 DESCRIPTION: IBM WebSphere Application Server is vulnerable to a denial of service, under...

Malicious code in reference-implementation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 051f4d558f24b6f5d2f54e122fac061a3312288839b9679ffcdadf0210dd32fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 40 Update: jpegxl-0.8.3-1.fc40

This package contains a reference implementation of JPEG XL encoder and decoder...