Lucene search
+L

331 matches found

Rockylinux
Rockylinux
added 3 days ago9 views

openexr security update

An update is available for openexr. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file forma...

9.1CVSS6.4AI score0.00465EPSS
Exploits2
OSV
OSV
added 3 days ago3 views

RLSA-2026:38499 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.4AI score0.00465EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 4 days ago5 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 4 days ago5 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 4 days ago5 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
OSV
OSV
added 4 days ago2 views

ALSA-2026:38499 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS6.4AI score0.00465EPSS
Exploits2References6
OSV
OSV
added 4 days ago2 views

ALSA-2026:38498 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

9.1CVSS6.4AI score0.00465EPSS
Exploits2References6
OSV
OSV
added 2026/07/06 2:23 p.m.2 views

OPENSUSE-SU-2026:21242-1 Security update for assimp

This update for assimp fixes the following issues - CVE-2025-11277: large mWidth and mHeight dimensions can lead to integer overflow and a heap-based buffer overflow bsc1251019. - CVE-2026-10197: NULL pointer dereference in ImportEmbeddedTextures when mimeType lacks '/' bsc1266996. -...

7.8CVSS6.5AI score0.00222EPSS
Exploits1References10
EUVD
EUVD
added 2026/07/01 5:53 p.m.7 views

EUVD-2022-49111

Open Babel has out-of-bounds write in MOPAC translationVectors FINAL POINT...

9.8CVSS7.2AI score0.00863EPSS
Exploits1References5
EUVD
EUVD
added 2026/07/01 5:44 p.m.4 views

EUVD-2022-39966

Open Babel has out-of-bounds write in Gaussian coordstype orientation parser...

7.8CVSS6.7AI score0.00704EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/30 2:14 p.m.10 views

CVE-2026-12893

A flaw was found in the GStreamer gst-libav plugin. A NULL pointer dereference in the demuxer error handler can be triggered when processing malformed media files, such as crafted Musepack .mpc files. When a user or application opens such a file using GStreamer, the application crashes, resulting...

5.5CVSS5.7AI score
Exploits0References4
Ubuntu
Ubuntu
added 2026/06/18 4:41 p.m.18 views

USN-8454-1: libheif vulnerabilities

Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-32738 Elhanan Haenel discovered that libheif incorrectly...

8.8CVSS5.1AI score0.00514EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.6 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2025-69421)

Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex function does not check whether...

7.5CVSS7.8AI score0.00844EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/12 10:14 p.m.9 views

CVE-2025-7019 Avast antivirus stack overflow when scanning a malformed Office Open XML file

Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...

5.5CVSS5.4AI score0.00113EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.30 views

Security update for assimp (moderate)

openSUSE Security Update: Security update for assimp Announcement ID: openSUSE-SU-2026:0045-1 Rating: moderate References: 1241367 Cross-References: CVE-2025-3548 CVSS scores: CVE-2025-3548 SUSE: 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: openSUSE Backports SLE-15-SP6 An...

5.3CVSS5.6AI score0.00261EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : shim (EulerOS-SA-2026-2190)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...

7.5CVSS6.1AI score0.00844EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/03 10:23 p.m.8 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the xlsparseWorkBook function when handling malformed XLS files, due to uninitialized heap memory originating from the OLE layer ole2read. An attacker can cause undefined behavior, trigger incorrect...

6.9CVSS5.3AI score0.00214EPSS
Exploits1References2
NVD
NVD
added 2026/06/03 8:16 p.m.14 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS0.00214EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/03 12:0 a.m.17 views

EUVD-2026-34179

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.8AI score0.00214EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

libxls 安全漏洞

libxls is an open-source C library for reading old binary OLE format Excel files. Version 1.6.3 of libxls contains a security vulnerability. This vulnerability stems from the use of uninitialized memory during the parsing of malformed XLS files, which may lead to undefined behavior, parsing error...

5.3CVSS5.2AI score0.00214EPSS
Exploits1References1
Rows per page
Query Builder