25 matches found
EUVD-2020-16293
Malware in sbrugna...
EUVD-2021-27147
Malware in sbrugna...
EUVD-2025-20176
Malicious code in bioql PyPI...
CVE-2025-53170
Null pointer dereference vulnerability in the application exit cause module Impact: Successful exploitation of this vulnerability may affect function stability...
CVE-2025-53170
CVE-2025-53170 affects Huawei HarmonyOS (noted in multiple sources) with a null pointer dereference in the Application Exit Reason module. The vulnerability is described as impacting function stability; CVSS details indicate a local exploit with low complexity and no user interaction. Affected ve...
CVE-2025-5351
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2024-2795)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...
Ubuntu 20.04 ESM / 22.04 ESM : OpenEXR vulnerabilities (USN-5620-1)
The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5620-1 advisory. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image...
Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2023-022)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-022 advisory. 2024-02-15: CVE-2021-20304 was added to this advisory. A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR...
Amazon Linux 2022 : openexr (ALAS2022-2022-216)
The version of openexr installed on the remote host is prior to 3.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-216 advisory. - An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause...
GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...
Important: tomcat8
Issue Overview: A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled...
CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
Integer overflow
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
CVE-2021-3933
OpenEXR CVE-2021-3933: an integer overflow can occur when processing crafted images on platforms where size_t
CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
SUSE SLED12 / SLES12 Security Update : openexr (SUSE-SU-2021:3843-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3843-1 advisory. - There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to...
openSUSE 15 Security Update : openexr (openSUSE-SU-2021:3844-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3844-1 advisory. - In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y /...