106 matches found
PT-2026-56357
Name of the Vulnerable Software and Affected Versions Foxit PDF Editor/Reader affected versions not specified Description The PRC file header parsing logic trusts the constructed file structure description information and assumes the underlying array contains elements. When reading these elements...
PT-2026-53260
Name of the Vulnerable Software and Affected Versions SzafirHost versions prior to 1.2.2 Description SzafirHost is susceptible to remote code execution due to a discrepancy between how it verifies and extracts native library archives. The software uses a JarFile parser to verify the archive by...
MINI-FH2H-X7M5-MJ7F
Bulletin has no description...
Important: openexr
Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signe...
CVE-2026-5673
A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI Audio Video Interleave parser, specifically in the aviparseinputfile function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a...
CVE-2026-26282
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...
CVE-2026-26282 NanaZip has DotNet Single file OOB Heap Read
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...
PT-2026-20927
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, NanaZip has an out-of-bounds heap read in .NET Single File bundle header parser due to missing bounds check. Opening a crafted file with NanaZip causes a crash or leaks heap data to the user...
CVE-2021-28977
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,...
EUVD-2007-4945
Malware in sbrugna...
EUVD-2007-4447
Malware in sbrugna...
EUVD-2013-1943
Malware in sbrugna...
EUVD-2012-1601
Malware in sbrugna...
EUVD-2021-15624
Malware in sbrugna...
EUVD-2025-21298
Malicious code in bioql PyPI...
EUVD-2022-35111
Malicious code in bioql PyPI...
CLSA-2025-1755885569 zziplib: Fix of CVE-2020-18770
CVE-2020-18770: fix denial-of-service issue in zzipdiskentrytofileheader function in mmapped.c...
CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...
CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...
OpenEXR Out-Of-Memory via Unbounded File Header Values
Summary The OpenEXR file format defines many information about the final image inside of the file header, such as the size of data/display window. The application trusts the value of dataWindow size provided in the header of the input file, and performs computations based on this value. This may...