Lucene search
K

20 matches found

SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.9 views

SUSE CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

5.5CVSS5.6AI score0.00177EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/14 9:24 p.m.10 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper bounds checking in the decodepixel process. An attacker can trigger an out-of-bounds read by supplying a specially crafted TGA paletted image that causes integer wraparound during palette index...

6.8CVSS5.8AI score0.00177EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 8:17 p.m.6 views

DEBIAN-CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 8:17 p.m.8 views

UBUNTU-CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/14 7:8 p.m.10 views

CVE-2026-43996 OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from...

5.5CVSS6AI score0.00177EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-12687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. CVE-2018-12687 Note that Nessus relies on the presence of the package as reported by the...

7.5CVSS7.1AI score0.01399EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/03/31 1:57 a.m.5 views

SUSE CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS6.7AI score0.00943EPSS
Exploits1References3
OSV
OSV
added 2023/03/30 4:15 p.m.1 views

DEBIAN-CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS7.7AI score0.00943EPSS
Exploits1References1
OSV
OSV
added 2023/03/30 4:15 p.m.2 views

UBUNTU-CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS5.8AI score0.00943EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/03/30 3:47 p.m.31 views

CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS7.3AI score0.00943EPSS
Exploits1References1
Snyk
Snyk
added 2022/06/24 11:37 a.m.1 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow. In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. Remediation Upgrade tinyexr to version 1.0.6 or higher. References - GitHub Issue...

8.8CVSS8.2AI score0.01354EPSS
Exploits1References3
OSV
OSV
added 2022/06/23 5:15 p.m.3 views

UBUNTU-CVE-2022-34300

In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData...

8.8CVSS6AI score0.01354EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.5 views

The vulnerability of the tinyexr::DecodePixelData function in the tinyexr.h component of the OpenEXR Tinyexr processing library allows a attacker to cause a service failure.

The vulnerability of the tinyexr::DecodePixelData function in the tinyexr.h component of the OpenEXR processing library involves integer overflow. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

7.1CVSS6AI score0.0083EPSS
Exploits1References5Affected Software2
CNNVD
CNNVD
added 2021/07/21 12:0 a.m.5 views

Industrial Light And Magic(lim) OpenEXR 输入验证错误漏洞

Industrial Light And Magic lim OpenEXR is an image file format for high dynamic range HDR images from Industrial Light and Magic LIM Industrial Light And Magic lim, USA. A security vulnerability exists in OpenEXR version 0.9.5, which stems from an integer overflow override in...

5.5CVSS5.8AI score0.0083EPSS
Exploits1References3
OSV
OSV
added 2018/06/22 7:29 p.m.3 views

UBUNTU-CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

7.5CVSS7.1AI score0.01399EPSS
Exploits0References3
CNVD
CNVD
added 2018/06/12 12:0 a.m.2 views

tinyexr buffer overflow vulnerability (CNVD-2018-14428)

tinyexr is a small OpenEXR image load/save library. A buffer overflow vulnerability exists in the 'tinyexr::DecodePixelData' function of the tinyexr.h file in version 0.9.5 of tinyexr. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read...

9.8CVSS9.6AI score0.0163EPSS
Exploits0References1
Snyk
Snyk
added 2018/06/11 11:29 a.m.1 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. Remediation There is no fixed version for tinyexr. References - GitHub Issue...

9.8CVSS7.2AI score0.0163EPSS
Exploits0References2
Rows per page
Query Builder