Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an applicatio...

5.5CVSS6.7AI score0.00428EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2023/10/17 12:58 p.m.42 views

Advisory ROSA-SA-2023-2248

software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-3477 BDU-ID: 2021-01977 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DeepTiledInputFile::initialize function src/lib/OpenEXR/ImfDeepTiledInputFile.cpp of the OpenEXR library is related to...

5.5CVSS8.2AI score0.01007EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-5620-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.01747EPSS
Exploits1References2
Debian
Debian
added 2022/12/11 11:52 p.m.65 views

[SECURITY] [DLA 3236-1] openexr security update

Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...

7.5CVSS6.3AI score0.01848EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2022/12/11 12:0 a.m.41 views

Debian DSA-5299-1 : openexr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5299 advisory. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound read...

6.5CVSS6.4AI score0.01772EPSS
Exploits2References18
Debian
Debian
added 2022/12/10 4:27 p.m.83 views

[SECURITY] [DSA 5299-1] openexr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5299-1 [email protected] https://www.debian.org/security/ Markus Koschany December 10, 2022 https://www.debian.org/security/faq -...

6.5CVSS7AI score0.01772EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.36 views

GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...

8.8CVSS7.3AI score0.02291EPSS
Exploits3References14
Ubuntu
Ubuntu
added 2022/09/20 12:52 p.m.281 views

USN-5620-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. CVE-2021-3598,...

6.5CVSS6.8AI score0.01747EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/07/13 12:0 a.m.51 views

Adobe Acrobat < 2017.011.30199 / 2020.004.30006 / 2021.005.20058 Multiple Vulnerabilities (APSB21-51)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 2017.011.30199, 2020.004.30006, or 2021.005.20058. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader DC versions 2021.005.20054 and earlier, 2020.004.30005 and earlier and 2017.011.30197...

9.3CVSS7.1AI score0.66052EPSS
Exploits0References20
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.20 views

openSUSE: Security Advisory for openexr (openSUSE-SU-2021:2158-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6.1AI score0.01007EPSS
Exploits1References2
OSV
OSV
added 2021/07/11 12:38 p.m.5 views

OPENSUSE-SU-2021:2158-1 Security update for openexr

This update for openexr fixes the following issues: - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Heap buffer overflow in Imf31:CharPtrIO:readChars...

5.5CVSS6.1AI score0.01007EPSS
Exploits1References5
Mageia
Mageia
added 2021/07/10 12:56 p.m.48 views

Updated openexr packages fix security vulnerabilities

Updated openexr packages fix security vulnerabilities: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

8.8CVSS3AI score0.02291EPSS
Exploits1References5
CVE
CVE
added 2021/07/06 12:0 a.m.257 views

CVE-2021-3598

OpenEXR vulnerability CVE-2021-3598 affects the ImfDeepScanLineInputFile component in OpenEXR before 3.0.5. An attacker who submits a crafted EXR file to an application linked with OpenEXR can trigger an out-of-bounds read, with the greatest risk stated as impact to application availability; some...

5.5CVSS5.3AI score0.00428EPSS
Exploits1References4Affected Software1
Debian
Debian
added 2021/07/03 6:16 p.m.205 views

[SECURITY] [DLA 2701-1] openexr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2701-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler July 03, 2021 https://wiki.debian.org/LTS -...

5.5CVSS7.2AI score0.01848EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.30 views

openSUSE 15 Security Update : openexr (openSUSE-SU-2021:0925-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0925-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

5.5CVSS6.6AI score0.01007EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.39 views

SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:2158-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2158-1 advisory. - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Hea...

5.5CVSS6.7AI score0.01007EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.34 views

SUSE SLED12: libIlmImf-Imf_2_1-21 / libIlmImf-Imf_2_1-21-32bit / openexr / etc (SUSE-SU-2021:2159-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2159-1 advisory. - Fixed CVE-2021-3479 bsc1184354: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605...

5.5CVSS6.7AI score0.01007EPSS
Exploits1References10
OSV
OSV
added 2021/06/25 4:3 p.m.12 views

OPENSUSE-SU-2021:0925-1 Security update for openexr

This update for openexr fixes the following issues: - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Heap buffer overflow in Imf31:CharPtrIO:readChars This update was imported from the SUSE:SLE-15:Update update project...

5.5CVSS6.1AI score0.01007EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/06/25 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2021:2159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.3AI score0.01007EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/06/25 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:2158-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.01007EPSS
Exploits1References5
Rows per page
Query Builder