Lucene search
K

95 matches found

CNVD
CNVD
added 2021/04/02 12:0 a.m.9 views

LIM OpenEXR Null Pointer Dereference Vulnerability

OpenEXR is an open-standard, high dynamic range image format that is widely used in computer graphics to store image data, but can also store some data needed for post-synthesis processing. A null pointer dereference vulnerability exists in the Dwa decompression function of the IlmImf library in...

5.3CVSS6.4AI score0.01747EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/31 12:0 a.m.7 views

LIM OpenEXR Input Validation Error Vulnerability

Industrial Light And Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. An input validation error vulnerability exists in OpenEXR B44 uncompression, which can be exploited by an attacker to trigger a shift overflow and potentiall...

5.3CVSS6.7AI score0.01848EPSS
Exploits0References1
OSV
OSV
added 2021/02/05 11:2 a.m.4 views

OESA-2021-1007 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.8CVSS6.8AI score0.07508EPSS
Exploits5References11
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.36 views

EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2021-1219)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This packa...

8.8CVSS8AI score0.0331EPSS
Exploits1References9
Microsoft KB
Microsoft KB
added 2021/02/03 12:0 a.m.10 views

March 29, 2021—KB5000842 (OS Builds 19041.906 and 19042.906) Preview

March 29, 2021—KB5000842 OS Builds 19041.906 and 19042.906 Preview 2/24/21 IMPORTANT As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update WU and Windows Server Update Services WSUS. Installing KB4577586 will remove Adobe Flash Player...

6.5AI score
Exploits0
CNVD
CNVD
added 2020/12/15 12:0 a.m.28 views

Industrial Light and Magic Academy Software Foundation OpenEXR code issue vulnerability

Industrial Light and Magic Academy Software Foundation OpenEXR is an image file format from Industrial Light and Magic for High Dynamic Range HDR images.A code issue vulnerability exists in Industrial Light and Magic Academy Software Foundation OpenEXR, which stems from A null pointer compliance...

5.5CVSS1.4AI score0.01204EPSS
Exploits1References1
CNNVD
CNNVD
added 2020/12/09 12:0 a.m.9 views

Industrial Light And Magic OpenEXR 缓冲区错误漏洞

Industrial Light And Magic Academy Software Foundation OpenEXR is an image file format for high dynamic range HDR images. industrial Light And Magic Academy Software Foundation A buffer overflow vulnerability exists in OpenEXR, which can be exploited by remote attackers to submit special file...

5.5CVSS7AI score0.01134EPSS
Exploits1References9
OSV
OSV
added 2020/12/03 5:15 p.m.2 views

DEBIAN-CVE-2020-27762

A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could...

5.5CVSS6.6AI score0.01091EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/03 12:0 a.m.7 views

ImageMagick Studio ImageMagick 输入验证错误漏洞

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.0.8-68, which stem...

5.5CVSS6.7AI score0.01091EPSS
Exploits0References12
Cent OS
Cent OS
added 2020/10/20 6:35 p.m.123 views

OpenEXR security update

CentOS Errata and Security Advisory CESA-2020:4039 An update for OpenEXR is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5.5CVSS6.7AI score0.01793EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.36 views

RHEL 7 : OpenEXR (RHSA-2020:4039)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4039 advisory. OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This...

5.5CVSS7.3AI score0.01793EPSS
Exploits3References10
CNVD
CNVD
added 2020/09/18 12:0 a.m.2 views

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53163)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted HDR file...

4.3CVSS6.8AI score0.01623EPSS
Exploits0References1
OSV
OSV
added 2020/09/09 1:15 p.m.3 views

CVE-2020-6337

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

4.3CVSS5.8AI score0.01623EPSS
Exploits0References3
CNVD
CNVD
added 2020/06/28 12:0 a.m.9 views

Industrial Light and Magic OpenEXR Resource Management Error Vulnerability

Industrial Light and Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. The IlmImf/ImfDeepScanLineInputFile.cpp file in Industrial Light and Magic OpenEXR versions prior to 2.5.2 has 'DeepScanLineInputFile:: DeepScanLineInputFile...

5.5CVSS6.5AI score0.00417EPSS
Exploits0
CNVD
CNVD
added 2020/06/28 12:0 a.m.8 views

Industrial Light and Magic OpenEXR Code Issue Vulnerability

Industrial Light and Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. A code problem exists in the 'TiledInputFile::TiledInputFile' function of the IlmImf/ImfTiledInputFile.cpp file in versions of Industrial Light and Magic...

5.5CVSS5.4AI score0.00399EPSS
Exploits0
CNVD
CNVD
added 2020/04/15 12:0 a.m.1 views

Industrial Light and Magic OpenEXR Buffer Overflow Vulnerability

Industrial Light and Magic LIM OpenEXR is an image file format for high dynamic range HDR images from Industrial Light and Magic LIM, USA. A buffer overflow vulnerability exists in the ImfTileOffsets.cpp file in versions of LIM OpenEXR prior to 2.4.1. The vulnerability stems from a networked syst...

5.5CVSS7.3AI score0.01793EPSS
Exploits1References1
OSV
OSV
added 2018/04/24 7:29 p.m.1 views

DEBIAN-CVE-2017-2904

An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

7.8CVSS8AI score0.01866EPSS
Exploits1References1
OSV
OSV
added 2018/04/24 7:29 p.m.2 views

UBUNTU-CVE-2017-2904

An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

8.8CVSS7.7AI score0.01866EPSS
Exploits1References4
CNVD
CNVD
added 2018/01/12 12:0 a.m.4 views

Blender Sequencer imb_loadhdr Integer Overflow Vulnerability

Blender is an open source cross-platform all-in-one 3D animation software, providing a series of animated short film production solutions from modeling, animation, materials, rendering, to audio processing, video editing and so on. An integer overflow vulnerability exists in Blender Sequencer...

8.8CVSS7.8AI score0.01866EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/10/17 12:0 a.m.72 views

Apple Image I/O EXR Color Component Remote Code Execution Vulnerability(CVE-2016-4629)

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

10CVSS9.7AI score0.07418EPSS
Exploits2
Rows per page
Query Builder