
5949 matches found

Positive Technologies
added 2026/04/06 12:0 a.m. | 2 views

PT-2026-30663

Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.2.0 through 3.2.6, 3.3.9, and 3.4.9. Description: OpenEXR, an image storage format used in the motion picture industry, contains a flaw in the DWA lossy decoder. Specifically, the decoder uses signed 32-bit arithmetic to creat...

CVSS 8.4 | AI score 5.9 | EPSS 0.0009
Exploits: 6 | References: 47
Tenable Nessus
added 2026/04/06 12:0 a.m. | 4 views

RHEL 7 : ImageMagick (RHSA-2026:6713)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6713 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixes...

CVSS 8.1 | AI score 6 | EPSS 0.00067
Exploits: 0 | References: 6
EUVD
added 2026/04/05 9:30 p.m. | 2 views

EUVD-2019-20067

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 4
NVD
added 2026/04/05 9:16 p.m. | 3 views

CVE-2019-25666

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | EPSS 0.00006
Exploits: 1 | References: 3
CVE
added 2026/04/05 8:45 p.m. | 6 views

CVE-2019-25666

SpotAuditor 3.6.7 contains a local buffer overflow in the Base64 Password Decoder component that allows an attacker to crash the application by supplying an oversized Base64 string to the decoder interface, resulting in a denial of service. The vulnerability is locally exploitable with no user in...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/04/05 8:45 p.m. | 2 views

CVE-2019-25666 SpotAuditor 3.6.7 Denial of Service Buffer Overflow

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 3
ATTACKERKB
added 2026/04/05 8:45 p.m. | 2 views

CVE-2019-25666

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2026/04/05 8:45 p.m. | 20 views

CVE-2019-25666 SpotAuditor 3.6.7 Denial of Service Buffer Overflow

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | EPSS 0.00006
Exploits: 1 | References: 3
CNNVD
added 2026/04/05 12:0 a.m. | 3 views

Nsasoft SpotAuditor Buffer Error Vulnerability

Nsasoft SpotAuditor is an advanced password recovery software developed by the NSASoft company in the United States. It is designed to recover passwords that have been lost or forgotten from over 40 popular Windows programs and tools. Version 3.6.7 of SpotAuditor contains a buffer overflow...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 3
Positive Technologies
added 2026/04/05 12:0 a.m. | 4 views

PT-2026-30475

SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition...

CVSS 6.9 | AI score 6.2 | EPSS 0.00006
Exploits: 1 | References: 4
SUSE CVE
added 2026/04/04 11:26 p.m. | 3 views

SUSE CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi__gif_load_next in the library stb_image.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

CVSS 5.3 | AI score 5.3 | EPSS 0.00049
Exploits: 0 | References: 3
Tenable Nessus
added 2026/04/04 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2026-5313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi__gif_load_next in the library stb_image.h of the component GIF Decode...

CVSS 5.3 | AI score 5.3 | EPSS 0.00049
Exploits: 0 | References: 3
OSV
added 2026/04/03 9:47 p.m. | 0 views

GHSA-H762-RHV3-H25V OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

Summary: The B44/B44A decoder in OpenEXR reconstructs row pointers into a scratch buffer using int. When the channel width nx is large enough, the product y * nx overflows int, causing the row pointer to wrap before the start of the scratch buffer. Subsequent memcpy calls then write decoded pixel...

CVSS 8.4 | AI score 6 | EPSS 0.00007
Exploits: 1 | References: 5
OSV
added 2026/04/03 1:36 p.m. | 6 views

CLSA-2026-1775121288 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CVSS 8.1 | AI score 6 | EPSS 0.00067
Exploits: 0 | References: 1
Tenable Nessus
added 2026/04/03 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-14030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sereal::Decoder versions from 4.000 through 4.009002 for Perl embeds a vulnerable version of the Zstandard library. Sereal::Decoder embeds a version of the...

CVSS 8.1 | AI score 6 | EPSS 0.00618
Exploits: 0 | References: 2
Tenable Nessus
added 2026/04/03 12:0 a.m. | 1 view

Python Library OpenEXR 3.4.x < 3.4.7 Heap Buffer Overflow (OOB Read)

The version of the OpenEXR Python package installed on the remote host is 3.4.x prior to 3.4.7. It is, therefore, affected by a heap buffer overflow vulnerability: - A heap-buffer-overflow out-of-bounds read occurs in the HTJ2K decoder in OpenEXR when copying decompressed samples from OpenJPH...

CVSS 8.4 | AI score 6.2 | EPSS 0.00029
Exploits: 1 | References: 2
OpenVAS
added 2026/04/03 12:0 a.m. | 2 views

SUSE: Security Advisory (SUSE-SU-2026:20903-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 | AI score 5.8 | EPSS 0.00031
Exploits: 1 | References: 5
OSV
added 2026/04/02 7:21 p.m. | 2 views

ALPINE-CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where a subsequent lzma_index_append would allocate too little...

CVSS 5.3 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 1
AlpineLinux
added 2026/04/02 6:36 p.m. | 1 view

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where a subsequent lzma_index_append would allocate too little...

CVSS 6.3 | AI score 5.8 | EPSS 0.0006
Exploits: 0
EUVD
added 2026/04/02 6:36 p.m. | 1 view

EUVD-2026-18505

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where a subsequent lzma_index_append would allocate too little...

CVSS 6.3 | AI score 6 | EPSS 0.0006
Exploits: 0 | References: 3