CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

123 matches found

SUSE CVE•added 2026/05/16 1:11 a.m.•4 views

SUSE CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i 4 inside SwapRGBABytes causes the function to compute a large negative...

8.8CVSS5.9AI score0.00042EPSS

Exploits1References3

RedhatCVE•added 2026/05/15 2:2 p.m.•4 views

CVE-2026-43907

A flaw was found in OpenImageIO. A remote attacker can exploit a signed integer overflow vulnerability by providing a specially crafted DPX image file. This flaw leads to a heap-based out-of-bounds write, which can result in a denial of service crash or potentially arbitrary code execution in...

8.3CVSS6.3AI score0.00072EPSS

Exploits1References2

RedhatCVE•added 2026/05/15 2:2 p.m.•5 views

CVE-2026-43909

A flaw was found in OpenImageIO. A signed 32-bit integer overflow in the SwapRGBABytes function, triggered when processing kABGR DPX images with large dimensions, can lead to an out-of-bounds read and write. This allows a remote attacker to potentially execute arbitrary code or cause a denial of...

8.8CVSS6.2AI score0.00042EPSS

Exploits1References2

Tenable Nessus•added 2026/05/15 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.3CVSS6.6AI score0.00072EPSS

Exploits1References3

Snyk•added 2026/05/14 9:22 p.m.•5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the SwapRGBABytes process. An attacker can trigger out-of-bounds memory access by supplying a specially crafted kABGR DPX image with large dimensions, leading to potential reading from or writing to unintended...

8.8CVSS5.8AI score0.00042EPSS

Exploits1References2

Snyk•added 2026/05/14 9:21 p.m.•5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the QueryRGBBufferSizeInternal function when processing crafted DPX image files. An attacker can cause a heap-based out-of-bounds write by supplying a specially crafted DPX file that triggers an integer...

8.3CVSS6.3AI score0.00072EPSS

Exploits1References2

OSV•added 2026/05/14 8:17 p.m.•1 views

DEBIAN-CVE-2026-43909

8.8CVSS5.9AI score0.00042EPSS

Exploits1References1

NVD•added 2026/05/14 8:17 p.m.•4 views

CVE-2026-43909

8.8CVSS0.00042EPSS

Exploits1References1

NVD•added 2026/05/14 8:17 p.m.•4 views

CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

8.3CVSS0.00072EPSS

Exploits1References1

OSV•added 2026/05/14 8:17 p.m.•3 views

DEBIAN-CVE-2026-43907

8.3CVSS6.6AI score0.00072EPSS

Exploits1References1

UbuntuCve•added 2026/05/14 8:17 p.m.•3 views

CVE-2026-43907

8.3CVSS6.6AI score0.00072EPSS

Exploits1References2

OSV•added 2026/05/14 8:17 p.m.•2 views

UBUNTU-CVE-2026-43909

8.8CVSS5.9AI score0.00042EPSS

Exploits1References3

UbuntuCve•added 2026/05/14 8:17 p.m.•2 views

CVE-2026-43909

8.8CVSS5.9AI score0.00042EPSS

Exploits1References2

Debian CVE•added 2026/05/14 7:7 p.m.•7 views

CVE-2026-43907

8.3CVSS6.6AI score0.00072EPSS

Exploits1

Vulnrichment•added 2026/05/14 7:7 p.m.•3 views

CVE-2026-43907 OpenImageIO: Integer overflow in QueryRGBBufferSizeInternal leads to heap out-of-bounds write in DPX decoder (kCbYCr and kABGR)

8.3CVSS6.6AI score0.00072EPSS

Exploits1References1

EUVD•added 2026/05/14 7:7 p.m.•6 views

EUVD-2026-30410

8.3CVSS6.6AI score0.00072EPSS

Exploits1References1

Cvelist•added 2026/05/14 7:7 p.m.•26 views

CVE-2026-43907 OpenImageIO: Integer overflow in QueryRGBBufferSizeInternal leads to heap out-of-bounds write in DPX decoder (kCbYCr and kABGR)

8.3CVSS0.00072EPSS

Exploits1References1

AlpineLinux•added 2026/05/14 7:7 p.m.•7 views

CVE-2026-43907

8.3CVSS6.6AI score0.00072EPSS

Exploits1References1

CVE•added 2026/05/14 7:7 p.m.•7 views

CVE-2026-43907

OpenImageIO contains a heap-based out-of-bounds write in DPX decoding due to a signed integer overflow in QueryRGBBufferSizeInternal() (DPXColorConverter.cpp). When processing crafted DPX files, 32-bit signed arithmetic with negative multipliers leads to a negative result that is misinterpreted a...

8.3CVSS6.6AI score0.00072EPSS

Exploits1References1Affected Software1

Cvelist•added 2026/05/14 7:1 p.m.•25 views

CVE-2026-43908 OpenImageIO: Signed integer overflow in ConvertCbYCrYToRGB leads to heap out-of-bounds write in DPX 4:2:2 decoder

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

8.8CVSS0.00053EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by