EUVD-2026-24041

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

CVE-2026-39886

CVE-2026-39886 affects OpenEXR up to version 3.4.9. A signed 32-bit overflow in ht_undo_impl() (internal_ht.cpp) of the HTJ2K decompression path can cause a per-scanline pointer arithmetic error, potentially leading to a heap out-of-bounds write when a crafted EXR with 16,385 FLOAT channels at ma...

OpenEXR 输入验证错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9 of OpenEXR contain a input validation vulnerability. This vulnerability stems from an integer overflow in the 32-bit signed integer bpl value of the...

PT-2026-33907

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.0 Description OpenEXR provides the specification and reference implementation of the EXR file format, which is an image storage format used in the motion picture industry. Recommendations At the moment, there...

EUVD-2024-48265

Malicious code in bioql PyPI...

CVE-2024-7326

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Low attack complexity/public exploits are available Vendor : BPL Medical Technologies Equipment : PWS-01-BT, Be Well Android App Vulnerability : Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of...

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

The vulnerability of the BPL Handler component in the IObit DualSafe Password Manager allows a hacker to execute arbitrary commands.

The vulnerability of the BPL Handler component in the IObit DualSafe Password Manager is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary commands...

CVE-2024-7326

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2024-7326 IObit DualSafe Password Manager BPL RTL120.BPL uncontrolled search path

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2024-7326

CVE-2024-7326 concerns IObit DualSafe Password Manager 1.4.0.3. Connected data specifies an issue in the BPL Handler’s RTL120.BPL library that enables an uncontrolled search path, allowing a local attacker to execute arbitrary commands. The root cause is tied to the RTL120.BPL component within th...

CVE-2024-7326 IObit DualSafe Password Manager BPL RTL120.BPL uncontrolled search path

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

CVE-2024-7325

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The...

CVE-2024-7325

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The...

CVE-2024-7325 IObit Driver Booster BPL VCL120.BPL uncontrolled search path

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The...

CVE-2024-7325

CVE-2024-7325 affects IObit Driver Booster 11.0.0.0. The issue is in the VCL120.BPL library of the BPL Handler, causing an uncontrolled search path when manipulated. Local access is required for exploitation. Impact is described as high for confidentiality, integrity, and availability. Multiple s...

CVE-2024-7324 IObit iTop Data Recovery Pro BPL madbasic_.bpl uncontrolled search path

A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local access is required ...