Lucene search
K

147 matches found

SUSE CVE
SUSE CVE
added 2025/10/06 11:22 p.m.3 views

SUSE CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS6.8AI score0.00149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/06 11:22 p.m.4 views

SUSE CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS5.9AI score0.0016EPSS
Exploits0References3
Snyk
Snyk
added 2025/10/06 8:44 a.m.3 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the oldcodec48 process when decoding SANM frames using run-length encoding, as the decoded data may exceed the allocated buffer size. An attacker can cause memory corruption or potentially execute arbitrary code b...

6.2CVSS7.7AI score0.00149EPSS
Exploits0References2
NVD
NVD
added 2025/10/06 8:15 a.m.5 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/10/06 8:15 a.m.2 views

UBUNTU-CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS6AI score0.00149EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/06 8:9 a.m.5 views

EUVD-2025-32516

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS6.5AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 2025/10/06 8:9 a.m.17 views

CVE-2025-59731

OpenEXR/FFmpeg CVE-2025-59731 describes a vulnerability in DWAA/DWAB run-length decoding where the rle_raw_size is not checked when calculating output data. The decoder reads rle_raw_size, decompresses into td->rle_raw_data, and may access entries up to (td->xsize-1)*(td->ysize-1) + rle_...

6.9CVSS6.6AI score0.0016EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/06 8:9 a.m.3 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS7.1AI score0.0016EPSS
Exploits0
EUVD
EUVD
added 2025/10/06 8:9 a.m.5 views

EUVD-2025-32517

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS6.5AI score0.00149EPSS
Exploits0References2
CVE
CVE
added 2025/10/06 8:9 a.m.23 views

CVE-2025-59730

CVE-2025-59730 affects SANM/ANIM v0 frames decoded by the old_codec48 path in FFmpeg. The issue: when decoding a frame, the run-length encoded data can exceed the allocated buffer because there are no bounds checks for decoded frame size, causing a heap-buffer-overflow. Affected component/functio...

5.7CVSS6.6AI score0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/06 8:9 a.m.10 views

CVE-2025-59730 Heap-buffer-overflow write in FFmpeg SANM decoding due to lack of bounds-checking in old_codec48

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS0.00149EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/06 8:9 a.m.4 views

CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS7.1AI score0.00149EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25738

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00691EPSS
Exploits1References1
Snyk
Snyk
added 2025/08/25 2:41 p.m.2 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the PSD RLE Decoding functionality. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted .psd file that triggers a heap-based buffer overflow during...

8.8CVSS7.8AI score0.00691EPSS
Exploits1References2
CVE
CVE
added 2025/08/25 2:17 p.m.34 views

CVE-2025-53085

CVE-2025-53085 impacts the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8 . The vulnerability is described as a memory corruption causing a heap-based buffer overflow when decompressing image data from a specially crafted PSD file, enabling remote code execution. Exploit...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/08/25 2:17 p.m.7 views

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS0.00691EPSS
Exploits1References1
CVE
CVE
added 2025/08/25 2:17 p.m.29 views

CVE-2025-52930

CVE-2025-52930 affects the BMPv3 RLE Decoding functionality in the SAIL Image Decoding Library v0.9.8 . A memory corruption due to a heap-based buffer overflow during BMP data decompression can lead to remote code execution if an attacker can induce the library to read a specially crafted BMP fil...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.6 views

SAIL 安全漏洞

SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from a heap buffer overflow in the BMPv3 RLE decoding function that could lead to remote code execution...

8.8CVSS7.9AI score0.00691EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.3 views

PT-2025-34626 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PSD RLE Decoding functionality. Decompressing image data from a crafted .psd file can lead to a heap-based buffer overflow, potentially allowing fo...

8.8CVSS7.2AI score0.00691EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-38143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to...

9.8CVSS8.6AI score0.01423EPSS
Exploits1References2
Rows per page
Query Builder