Lucene search
K

231 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-38143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to...

9.8CVSS8.6AI score0.01423EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

5.8CVSS6.6AI score0.01573EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.3 views

PT-2025-40877

Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description The software is susceptible to an issue when decoding OpenEXR files that utilize DWAA or DWAB compression. Specifically, the length of run-length-encoded data is not validated during the decoding...

9.8CVSS6.9AI score0.01545EPSS
Exploits7References60
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.4 views

CVE-2020-6361

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

4.3CVSS6.6AI score0.01623EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 9:15 p.m.3 views

CVE-2024-11519

IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS6.2AI score0.00427EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.5 views

IrfanView 安全漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan. It supports image browsing, image editing, image format conversion and more. IrfanView suffers from a security vulnerability that stems from the RLE file parsing feature containing an out-of-bounds write issue. An attacker...

7.8CVSS8.1AI score0.0058EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.6 views

PT-2024-17048 · Irfanview · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

7.8CVSS7.2AI score0.00438EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.9 views

kernel: null pointer when load rlc firmware

A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References5
OSV
OSV
added 2023/12/07 4:15 a.m.6 views

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

5.5CVSS5.8AI score0.01858EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.9 views

kernel: null pointer when load rlc firmware

A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References5
Fedora
Fedora
added 2023/04/15 2:17 a.m.68 views

[SECURITY] Fedora 38 Update: bzip3-1.3.0-1.fc38

These are tools for compressing, decompressing, printing, and searching bzip3 files. bzip3 features higher compression ratios and better performance than bzip2 thanks to an order-0 context mixing entropy coder, a fast Burrows-Wheeler transform code making use of suffix arrays and a run-length...

8.8CVSS7AI score0.00916EPSS
Exploits6
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.3 views

SUSE CVE-2004-0803

Multiple vulnerabilities in the RLE run length encoding decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files...

7.5CVSS8.2AI score0.08268EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.6 views

SUSE CVE-2009-0196

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

9.3CVSS8.4AI score0.07365EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.8 views

SUSE CVE-2013-0852

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS7.2AI score0.02108EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.5 views

SUSE CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

6.8CVSS6.7AI score0.09221EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-10050

Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted RLE file...

7.8CVSS9.2AI score0.02018EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.4 views

SUSE CVE-2017-11352

In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144...

6.5CVSS8.9AI score0.01843EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-11006

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet...

4.4CVSS6.7AI score0.029EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11760

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp...

3.3CVSS7AI score0.01807EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.4 views

SUSE CVE-2022-36354

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...

5.3CVSS7.1AI score0.00787EPSS
Exploits1References6
Rows per page
Query Builder