Lucene search
K

85 matches found

NVD
NVD
added 2026/06/24 2:17 p.m.10 views

CVE-2026-42450

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 1:20 p.m.8 views

EUVD-2026-38769

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 1:20 p.m.34 views

CVE-2026-42450

Summary: OpenColorIO vulnerability CVE-2026-42450 arises from a stack buffer overflow in the SPI3D LUT parser. The issue is in FileFormatSpi3D.cpp:163, where an unbounded sscanf using “%s” writes into 64-byte stack buffers, with input from lineBuffer[4096], allowing a crafted .spi3d file to overf...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed a NULL pointer crash that occurred during early ethtool operations. The RSS LUT is not initialized until the interface becomes active. This caused a NULL pointer crash when ethtool operations like rxhash were...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 12:16 p.m.36 views

CVE-2026-43241

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...

7.1CVSS0.00126EPSS
Exploits0References8
NVD
NVD
added 2026/05/06 12:16 p.m.5 views

CVE-2026-43141

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

7.1CVSS0.00131EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:27 a.m.18 views

CVE-2026-43141

Summary : CVE-2026-43141 affects the Linux kernel ntb_hw_switchtec code, where the number of MW LUTs can be configured to zero. In that scenario, a call to rounddown_pow_of_two could trigger undefined behavior. The patch ensures rounddown_pow_of_two is only applied to a valid value. Impact : Unde...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43141

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario...

7.1CVSS7AI score0.00131EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/01 11:1 p.m.5 views

CVE-2026-34553

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....

4CVSS5.8AI score0.00159EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 11:17 p.m.5 views

CVE-2026-34552

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in versio...

6.2CVSS0.00156EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:17 p.m.3 views

CVE-2026-34553

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....

4CVSS5.8AI score0.00159EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 10:17 p.m.3 views

CVE-2026-34553 iccDEV: DoS in CIccCLUT::Iterate() & CIccMBB::Describe()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....

4CVSS5.8AI score0.00159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 10:14 p.m.3 views

CVE-2026-34551 iccDEV: NPD in CIccTagLut16::Write()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference NPD in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities, which were caused by defects in the LUT dump/iteration logic...

4CVSS5.9AI score0.00159EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:52 a.m.6 views

Malicious code in @validator-lut-sdk/v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cb4c0ee3137b51767f901297bd8743d7f23109b2897aec6b659a433c5c29a86 The package @validator-lut-sdk/v3 was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/03/26 12:52 a.m.4 views

Malicious Package

Overview @validator-lut-sdk/v3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/26 12:52 a.m.7 views

Malicious Package

Overview validator-lut-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:52 a.m.8 views

Malicious code in validator-lut-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9f447a3c02a6c7ea716862009fcf6853c8d52e05144fa78746cbdbfe3ef000 The package validator-lut-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/26 12:52 a.m.5 views

MAL-2026-2227 Malicious code in validator-lut-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9f447a3c02a6c7ea716862009fcf6853c8d52e05144fa78746cbdbfe3ef000 The package validator-lut-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Rows per page
Query Builder