32 matches found
Important: Red Hat Security Advisory: openexr security update
An update for openexr is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2026-34543
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data information disclosure...
Heap-based Buffer Overflow
Overview: OpenEXR is a set of Python bindings for the OpenEXR image file format. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the EXR file parsing process due to improper validation of user-supplied data length before copying it to a heap-based buffer. An attacker can...
EUVD-2016-5616
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-18430
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DoS). CVE-2020-18430...
CVE-2024-22526
Buffer overflow vulnerability in Bandisoft Bandiview v7.0 allows local attackers to cause a denial of service (DoS) via an EXR image file...
Bandisoft bandiview Security Vulnerability
Bandisoft bandiview is an image viewer and editor software from the Korean company Bandisoft. A security vulnerability exists in Bandisoft bandiview version v7.0, which originates from the presence of a buffer overflow vulnerability that could allow a local attacker to cause a denial of service D...
CVE-2024-22526
Bandisoft Bandiview 7.0 is affected by CVE-2024-22526 due to a buffer overflow in EXR image handling, enabling a local attacker with low privileges and no user interaction to cause a DoS. The CVSS metrics indicate a local attack vector with a high impact on availability and no impact on confident...
CVE-2024-28563
Buffer overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service (DoS) via the Imf22::DwaCompressor::Classifier::Classifier function when reading images in EXR format...
UBUNTU-CVE-2024-28569
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the Imf22::Xdr::read function when reading images in EXR format...
FreeImage Security Vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from the presence of a buffer overflow vulnerability. A local attacker can exploit this vulnerability to cause a denial of...
Apple macOS EXR Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
Vulnerability in the DwaCompressor::Classifier::Classifier function of OpenEXR, software for storing high-dynamic-range images, related to an off-by-one error, allows attackers to cause a denial of service.
A vulnerability in the DwaCompressor::Classifier::Classifier function of OpenEXR, software for storing high-dynamic-range images, is related to an off-by-one error. Exploiting this vulnerability could allow an attacker to cause a denial of service...
[ASA-202107-14] openexr: arbitrary code execution
Arch Linux Security Advisory ASA-202107-14. Severity: Medium; Date: 2021-07-06; CVE-ID: CVE-2021-3598; Package: openexr; Type: arbitrary code execution; Remote: Yes; Link: https://security.archlinux.org/AVG-2071. Summary: The package openexr before...
USN-4900-1: OpenEXR vulnerabilities
It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
Debian DLA-2358-1 : openexr security update
Multiple security issues were found in the OpenEXR image library, which could result in denial of service and potentially the execution of arbitrary code when processing malformed EXR image files. For Debian 9 stretch, these problems have been fixed in version 2.2.0-11+deb9u1. We recommend that y...
USN-4418-1 openexr vulnerabilities
It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...